安全事件 Security Incident 10月下旬APT组织PATCHWORK伪装巴基斯坦联邦税务局的鱼叉攻击活动 http://blog.nsfocus.net/apt-patchwork/ FBI：HelloKitty勒索软件将DDoS攻击添加到勒索战术中 https://www.bleepingcomputer.com/news/security/fbi-hellokitty-ransomware-adds-ddos-attacks-to-extortion-tactics/ BlackShadow黑客入侵以色列主机公司勒索客户 https://www.bleepingcomputer.com/news/security/blackshadow-hackers-breach-israeli-hosting-firm-and-extort-customers/ 卡巴斯基被盗的亚马逊SES令牌用于Office 365网络钓鱼 https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/ 50%面向internet的GitLab安装仍然受到RCE漏洞的影响 https://securityaffairs.co/wordpress/124088/hacking/gitlab-rce.html 多伦多交通委员会（TTC）遭到勒索软件攻击 https://securityaffairs.co/wordpress/124066/malware/toronto-transit-commission-ransomware.html 网络犯罪分子利用网络钓鱼网站进行攻击 https://www.databreachtoday.com/cybercriminals-target-newbie-bad-actors-phishing-sites-a-17810 鱿鱼游戏加密货币退出骗局!运营商赚了210万美元 https://securityaffairs.co/wordpress/124047/cyber-crime/squid-game-cryptocurrency-exit-scam.html