漏洞 Vulnerability 2021-07 补丁日：微软多个漏洞通告 https://cert.360.cn/warning/detail?id=23e89732ce0c581eec7aa61eeb2d52cb SonicWall SRA/SMA产品SQL注入漏洞 https://cert.360.cn/warning/detail?id=bee44895a504d11da12860fe6660a239 安全事件 Security Incident 老树新花：Kimsuky使用的新版KGH间谍组件分析 https://mp.weixin.qq.com/s/cbaePmZSk_Ob0r486RMXyw Matryoshka : ROKRAT 的变体，APT37（Scarcruft） https://medium.com/s2wlab/matryoshka-variant-of-rokrat-apt37-scarcruft-69774ea7bf48 针对政府部门的攻击 https://symantec.broadcom.com/hubfs/Attacks-Against-Government-Sector.pdf Operation SpoofedScholars: 与 TA453 的对话 https://www.proofpoint.com/us/blog/threat-insight/operation-spoofedscholars-conversation-ta453 伊朗交通部遭到网络攻击 https://heimdalsecurity.com/blog/cyberattack-hits-irans-transport-ministry/ 黑客设计了一个新的技巧来禁用宏安全警告 https://www.ehackingnews.com/2021/07/hackers-have-devised-new-trick-to.html SolarWinds 修复了在野外被利用的关键 Serv-U 零日漏洞 https://securityaffairs.co/wordpress/120020/security/solarwinds-serv-u-zero-day.html