漏洞 Vulnerability Mozilla Thunderbird 安全更新 http://www.mozilla.org/en-US/security/advisories/mfsa2021-50/ Grafana XSS 漏洞安全更新 https://seclists.org/oss-sec/2021/q4/96 高通芯片组安全更新 https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin 安全事件 Security Incident 分析KIMSUKY组织的新后门APPLESEED https://www.telsy.com/dissecting-new-appleseed-backdoor-of-kimsuky-threat-actor/ Operation(विक्रान्त)Vikrant：屹立于精神内景中的钢铁巨象 https://mp.weixin.qq.com/s/NA4RTclLJoCpcaui4XiC8w TeamTNT升级了武器库，改进了Kubernetes和GPU环境 https://www.trendmicro.com/en_us/research/21/k/teamtnt-upgrades-arsenal-refines-focus-on-kubernetes-and-gpu-env.html Mekotio Banking Trojan以新的攻击和隐身技术重新出现 https://thehackernews.com/2021/11/mekotio-banking-trojan-resurfaces-with.html 多伦多地铁遭到勒索软件袭击 https://www.zdnet.com/article/toronto-subways-hit-by-ransomware-as-us-lawmakers-slam-burdensome-cybersecurity-rules/ 由于来自执法部门的压力，BlackMatter 勒索团伙正在关闭 https://securityaffairs.co/wordpress/124135/cyber-crime/blackmatter-ransomware-shutting-down-operations.html 加州诊所网络网络事件影响656000人 https://www.databreachtoday.com/california-clinic-network-cyber-incident-affects-656000-a-17839 谷歌警告在主动目标攻击下新的Android 0-Day漏洞 https://thehackernews.com/2021/11/google-warns-of-new-android-0-day.html 新恶意软件引诱伪造Chrome更新攻击Windows PC https://www.hackread.com/malware-fake-chrome-update-attack-windows-pcs/