漏洞 Vulnerability Microsoft Edge chromium内核安全更新 https://msrc.microsoft.com/update-guide/vulnerability Zoho ManageEngine OpManager https://www.manageengine.com/network-monitoring/help/read-me-complete.html?125486 安全事件 Security Incident 珠宝商Graff被Conti攻击，包括特朗普和贝克汉姆在内的富裕客户的数据面临风险 https://securityaffairs.co/wordpress/123980/cyber-crime/conti-ransomware-graff-jeweller.html Fortinet警告称，“黑色星期五”骗局将窃取加密货币 https://www.zdnet.com/article/fortinet-warns-of-black-friday-scams-involving-ps5s-xbox-and-fake-amazon-gift-card-generator-stealing-crypto/ 黑客入侵了麻省大学健康中心 https://securityaffairs.co/wordpress/123970/data-breach/umass-memorial-health-cyberattack.html 勒索软件Chaos通过假的Minecraft Alt列表定位游戏玩家 https://www.bleepingcomputer.com/news/security/chaos-ransomware-targets-gamers-via-fake-minecraft-alt-lists/ 谷歌Chrome被滥用以“合法”Win 10应用程序的形式发布恶意软件 https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/ 新的“Shrootless”漏洞可让攻击者在macOS系统上安装Rootkit https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html 泰国豪华连锁酒店报告数据泄露 https://www.zdnet.com/article/luxury-hotel-chain-in-thailand-reports-data-breach/ 安卓间谍软件在日本作为杀毒软件传播 https://www.bleepingcomputer.com/news/security/android-spyware-spreading-as-antivirus-software-in-japan/ 勒索团伙利用SEO毒害来感染访客 https://www.bleepingcomputer.com/news/security/ransomware-gangs-use-seo-poisoning-to-infect-visitors/ 40万德国学生的个人信息被曝光 https://heimdalsecurity.com/blog/personal-information-belonging-to-400000-german-students-exposed/ 发现恶意NPM库安装密码窃取和勒索软件 https://thehackernews.com/2021/10/malicious-npm-libraries-caught.html Avast为AtomSilo和LockFile勒索软件系列发布免费解密程序 https://securityaffairs.co/wordpress/123854/malware/atomsilo-lockfile-ransomware-decryptor.html