MicroSoft发布有关Solorigate攻击活动的分析报告;NSA发布黑客伪造身份验证访问云平台的安全咨询

发布时间 2020-12-20

【分析报告】


MicroSoft发布有关Solorigate攻击活动的分析报告

https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/


NSA发布黑客伪造身份验证访问云平台的安全咨询

https://us-cert.cisa.gov/ncas/current-activity/2020/12/17/nsa-releases-cybersecurity-advisory-detecting-abuse-authentication


【威胁情报】


黑客利用伪造的Cyberpunk游戏传播CoderWare

https://securityaffairs.co/wordpress/112412/malware/fake-cyberpunk-2077-spreads-ransomware.html


【数据泄露】


CRM因Azure Blob配置错误泄露50多万个文件

https://www.theregister.com/2020/12/18/probase_unsecured_azure_blob/


People's Energy遭到攻击,27万用户的信息泄露

https://www.bbc.com/news/technology-55350995