漏洞 Vulnerability CVE-2021-31985: Windows Defender远程代码执行漏洞 https://cert.360.cn/warning/detail?id=f7c5bca5efeb7e1285fb0ddd7d11d158 CVE-2021-1359: Cisco Web Security Appliance权限提升漏洞 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ 安全事件 Security Incident YAPI远程代码执行0day漏洞遭野利用,该攻击正在扩散 https://s.tencent.com/research/report/76 Kaseya遭供REvil勒索软件供应链攻击后，目前仅两个受害者支付赎金 https://www.bleepingcomputer.com/news/security/revil-victims-are-refusing-to-pay-after-flawed-kaseya-ransomware-attack/ Android应用伪装成二维码扫描器，传播Joker木马变种 https://cybleinc.com/2021/07/09/android-app-disguised-as-a-qr-scanner-spreads-joker-variant-trojan/ Lazarus恶意软件滥用Non-ActiveX模块攻击韩国 https://medium.com/s2wlab/analysis-of-lazarus-malware-abusing-non-activex-module-in-south-korea-7d52b9539c12 专家发现针对拉丁美洲企业网络的恶意软件攻击 https://thehackernews.com/2021/07/experts-uncover-malware-attacks.html 攻击者加速勒索软件对工业控制系统 ICS 的网络攻击 https://heimdalsecurity.com/blog/threat-actors-hasten-ransomware-cyberattacks-on-industrial-control-systems-ics/ 以色列安全研究揭示了一场全球性的黑客行动 https://www.cnbeta.com/articles/tech/1150497.htm 疑似Kimsuky针对韩国军工行业的攻击 https://mp.weixin.qq.com/s/y4TGzrhr2rvVk5EAca91hA