新Mirai变体Mukashi主要攻击Zyxel NAS设备;TA505利用虚假简历作为诱饵攻击德国企业

发布时间 2020-03-21

【威胁情报】


新Mirai变体Mukashi主要攻击Zyxel NAS设备

https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/  


APT28在去年主要针对Webmail和Exchange邮件服务器

https://www.zdnet.com/article/apt28-has-been-scanning-and-exploiting-vulnerable-email-servers-for-more-than-a-year


TA505利用虚假简历作为诱饵攻击德国企业

https://www.darkreading.com/attacks-breaches/ta505-targets-hr-departments-with-poisoned-cvs-/d/d-id/1337355


【漏洞补丁】


Drupal发布安全更新,修复两个影响CKEditor库的XSS漏洞

https://securityaffairs.co/wordpress/100040/security/drupal-xss-flaws-ckeditor.html


【数据泄露】


Sodinokibi团伙在暗网出售Brooks公司的12GB数据

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-data-leaks-now-sold-on-hacker-forums/