漏洞 Vulnerability 戴尔修复存在12年的BIOS驱动漏洞 https://thehackernews.com/2021/05/bios-privesc-bug-affects-hundreds-of.html?utm_source=social_share CVE-2021-1497: Cisco HyperFlex HX命令注入漏洞 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR 安全事件 Security Incident 疑似Kimsuky APT组织利用韩国外交部为诱饵的攻击活动分析 https://mp.weixin.qq.com/s/IcNf4DNdQUPClbpFS9Bn-Q Kimsuky APT组织使用新型的AppleSeed Android组件伪装成安全软件对韩特定目标进行攻击 https://mp.weixin.qq.com/s/8RgFvA_rOR2nIGxjWbEq-w FIN8 APT组织新动作：一起“精心布置”的定向窃密活动 https://security.tencent.com/index.php/blog/msg/187 “双头龙”源自海莲花组织？ https://blog.netlab.360.com/rotajakiro_vs_oceanlotus_cn/ Operation TunnelSnake Formerly unknown rootkit used to secretly control networks of regional organizations https://securelist.com/operation-tunnelsnake-and-moriya-rootkit/101831/ SECTORB GROUP’S THREAT LANDSCAPE IN 2020 https://redalert.nshc.net/2021/04/29/sectorb-groups-threat-landscape-in-2020/ DDoS攻击使比利时政府网站瘫痪 https://www.welivesecurity.com/2021/05/05/belgium-government-websites-offline-ddos-attack/ Qualcomm芯片中的漏洞允许攻击者窥探通话和短信 https://www.scmagazine.com/home/security-news/mobile-security/vulnerability-in-qualcomm-chips-lets-an-attacker-snoop-on-calls-and-texts/