1月26日每日安全热点 - 针对安全人员的网络攻击

Powered by 360CERT

安全资讯 Security Information

IObit仍未从网络攻击中恢复

https://www.bleepingcomputer.com/news/security/ransomware-gang-taunts-iobit-with-repeated-forum-hacks/

 

荷兰警方逮捕两名出售泄露数据的黑客

https://securityaffairs.co/wordpress/113846/cyber-crime/covid-19-patient-data-sale.html

 

Westrock遭勒索软件攻击

https://securityaffairs.co/wordpress/113843/malware/westrock-ransomware.html

 

安全报告 Security Report

针对安全人员的网络攻击

https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/

 

安全事件 Security Incident

黑客假借通知打疫苗名义进行钓鱼攻击

https://www.bleepingcomputer.com/news/security/beware-of-active-uk-nhs-covid-19-vaccination-phishing-campaign/

 

起重机制造商Palfinger遭黑客攻击

https://www.bleepingcomputer.com/news/security/leading-crane-maker-palfinger-hit-in-global-cyberattack/

 

澳大利亚证券机构披露遭未授权访问

https://www.bleepingcomputer.com/news/security/australian-securities-regulator-discloses-security-breach/

 

安全客 Security Geek

pe-afl漏洞挖掘技术原理分析

https://www.anquanke.com/post/id/229229

 

三个漏洞的组合利用：SolarWinds Orion平台未经身份验证实现RCE

https://www.anquanke.com/post/id/229457