360-CERT每日安全简报
Daily Security Briefing
2021-12-03 星期五
漏洞 Vulnerability
CVE-2021-43527: Mozilla NSS 缓冲区堆溢出
https://cert.360.cn/warning/detail?id=980325c243bf0d526d6bc1a0a088a44a
Attendance Management System 漏洞更新通告
https://www.sourcecodester.com/php/14173/attendance-management-system.html#comment-96757
安全事件 Security Incident
伊朗Android用户被广泛的Smishing活动欺骗
https://threatpost.com/smishing-campaign-iranian-android-users/176679/
黑客在网络钓鱼攻击中越来越多地使用RTF模板注入技术
https://thehackernews.com/2021/12/hackers-increasingly-using-rtf-template.html
DNA检测服务数据泄露影响210万用户
https://www.hackread.com/dna-testing-service-data-breach-users-impacted/
EwDoor僵尸网络瞄准美国公司的AT&T网络边缘设备
https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers_cn/
Quest的Reposource因影响35万名患者的数据泄露而面临患者诉讼
https://www.scmagazine.com/analysis/breach/quests-reprosource-faces-patient-lawsuit-over-data-breach-impacting-350k-patients
Smishing 僵尸网络攻击伊朗
https://research.checkpoint.com/2021/smishing-botnets-going-viral-in-iran/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn