Kaspersky披露美国中情局开发的后门Purple Lambert;PHP Composer存在命令注入漏洞

发布时间 2021-05-01

【威胁情报】


Kaspersky披露美国中情局开发的后门Purple Lambert

https://www.hackread.com/kaspersky-cia-malware-backdoor-capabilities/


FiveHands利用SonicWall VPN中0day针对欧美地区

https://thehackernews.com/2021/04/hackers-exploit-sonicwall-zero-day-bug.html


【勒索App】


巴西南里约热内卢司法法院系统感染REvil,被迫关闭

https://www.bleepingcomputer.com/news/security/brazils-rio-grande-do-sul-court-system-hit-by-revil-ransomware/


QNAP发现针对其NAS的设备的勒索AppAgelocker

https://www.bleepingcomputer.com/news/security/qnap-warns-of-agelocker-ransomware-attacks-on-nas-devices/


【漏洞补丁】


PHP Composer存在可导致供应链攻击的命令注入漏洞

https://securityaffairs.co/wordpress/117366/security/php-composer-flaw.html