漏洞 Vulnerability CVE-2021-34527: Windows Print Spooler 蠕虫级远程代码执行0day漏洞通告 https://cert.360.cn/warning/detail?id=e21e16d9547c441862910c7a05a5abb4 CVE-2021-35042: Django SQL注入漏洞 https://www.djangoproject.com/weblog/2021/jul/01/security-releases/ 安全事件 Security Incident 俄罗斯GRU发起针对全球企业和云环境的攻击行动 https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/1/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF 朝鲜Thallium组织利用谷歌博客进行黑客攻击 https://blog.alyac.co.kr/3881?category=957259 IndigoZebra APT 持续使用不断升级的工具攻击中亚 https://research.checkpoint.com/2021/indigozebra-apt-continues-to-attack-central-asia-with-evolving-tools/ 2021 年 5 月 威胁组织情报报告 https://redalert.nshc.net/2021/07/01/monthly-threat-actor-group-intelligence-report-may-2021/ 攻击者通过鱼叉式网络钓鱼活动瞄准航空公司 https://www.ehackingnews.com/2021/06/threat-actors-target-aviation-firms-via.html 至少120万俄罗斯人的登录名和密码在网上被泄露 https://www.ehackingnews.com/2021/06/logins-and-passwords-of-at-least-12.html 美国梅赛德斯-奔驰称160万条记录曝光 https://www.databreachtoday.com/mercedes-benz-usa-says-16-million-records-exposed-a-16954