報告編號:B6-2021-051999
報告來源:360CERT
報告作者:360CERT
更新日期:2021-05-19
1. Vulnerability|漏洞
- CVE-2021-1497:Cisco HyperFlex HX Data Platform命令注入漏洞POC公開
https://attackerkb.com/topics/mDqlWhQovO/cve-2021-1497
- CVE-2021-1499:Cisco HyperFlex HX Data Platform任意檔案上傳漏洞POC公開
https://attackerkb.com/topics/Z2MeUsvSlT/cve-2021-1499
2. Security Incident|安全事件
- Lorenz一款針對企業進行攻擊的新型勒索病毒
https://www.bleepingcomputer.com/news/security/meet-lorenz-a-new-ransomware-gang-targeting-the-enterprise/
- 俄羅斯兩大駭客論壇宣佈永久禁止釋出勒索相關主題
https://www.bleepingcomputer.com/news/security/popular-russian-hacking-forum-xss-bans-all-ransomware-topics/
- 學生健康保險公司Guard.me遭受資料洩露
https://www.bleepingcomputer.com/news/security/exploit-released-for-wormable-windows-http-vulnerability/
- FBI發現魚叉式釣魚網站冒充Truist Bank銀行冒充惡意軟體
https://www.bleepingcomputer.com/news/security/fbi-spots-spear-phishing-posing-as-truist-bank-bank-to-deliver-malware/
- Bizarro銀行木馬針對巴西和國外的銀行
https://securityaffairs.co/wordpress/118032/cyber-crime/bizarro-banking-trojan.html
- DarkSide勒索軟體伺服器被查封,其行動取消
https://www.bleepingcomputer.com/news/security/darkside-ransomware-servers-reportedly-seized-operation-shuts-down/