漏洞 Vulnerability WordPress Hide My WP 插件多个高危漏洞 https://www.cybersecurity-help.cz/vdb/SB2021120211 CVE-2021-29967: IBM Cloud 包管理缓冲区溢出 http://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-for-multicloud-management-monitoringhas-applied-security-fixes-for-its-use-of-mozilla-firefox/ 安全事件 Security Incident 伊朗Android用户被广泛的Smishing活动欺骗 https://threatpost.com/smishing-campaign-iranian-android-users/176679/ 黑客在网络钓鱼攻击中越来越多地使用RTF模板注入技术 https://thehackernews.com/2021/12/hackers-increasingly-using-rtf-template.html DNA检测服务数据泄露影响210万用户 https://www.hackread.com/dna-testing-service-data-breach-users-impacted/ EwDoor僵尸网络瞄准美国公司的AT&T网络边缘设备 https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers_cn/ Quest的Reposource因影响35万名患者的数据泄露而面临患者诉讼 https://www.scmagazine.com/analysis/breach/quests-reprosource-faces-patient-lawsuit-over-data-breach-impacting-350k-patients Flubot在芬兰通过短信传播 https://threatpost.com/finland-flubot-text-messages/176649/ 计划生育受到勒索软件攻击的影响，该攻击导致数据泄露 https://heimdalsecurity.com/blog/planned-parenthood-la-data-breach-due-to-ransomware-attack/ MonoX宣布因漏洞导致被黑客窃取3100万美元 https://www.cnbeta.com/articles/tech/1209969.htm Emotet现在通过假冒的Adobe Windows应用程序安装包传播 https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/ 恶意Android应用程序窃取马来西亚银行凭证、MFA代码 https://www.bleepingcomputer.com/news/security/malicious-android-app-steals-malaysian-bank-credentials-mfa-codes/ Microsoft Exchange服务器被黑客攻击以部署Blackyte勒索软件 https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/ Aberbot-2.0攻击银行应用程序和加密钱包 https://www.databreachtoday.com/report-aberebot-20-hits-banking-apps-crypto-wallets-a-18031 Yanluowang勒索软件与Thieflock的联系 https://threatpost.com/yanluowang-ransomware-thieflock-threat-actor/176640/ Sabbath勒索软件的目标是美国和加拿大的关键基础设施 https://securityaffairs.co/wordpress/125154/cyber-crime/sabbath-ransomware.html 分析TeamTNT如何使用受损的Docker Hub帐户 https://www.trendmicro.com/en_us/research/21/l/more-tools-in-the-arsenal-how-teamtnt-used-compromised-docker-hu.html TiltedTemple针对ServiceDesk Plus的攻击活动 https://unit42.paloaltonetworks.com/tiltedtemple-manageengine-servicedesk-plus/ SideCopy新攻击活动分析 https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/ APT组织利用Zoho ManageEngine ServiceDesk Plus中的CVE-2021-44077漏洞 https://us-cert.cisa.gov/ncas/alerts/aa21-336a