Cisco discloses multiple use-after-free vulnerabilities in Foxit PDF; Cleafy discloses new Android botnet UBEL linked to Oscorp
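Published 2021-07-29
1. Cisco discloses multiple use-after-free vulnerabilities in Foxit PDF
Cisco Talos has disclosed multiple use-after-free vulnerabilities recently discovered in Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF readers today and supports JavaScript for interactive documents and dynamic forms. The vulnerabilities disclosed this time include CVE-2021-21831, CVE-2021-21870 and CVE-2021-21893. An attacker can exploit them to execute arbitrary code on the target device by tricking a user into opening a specially crafted malicious PDF.
Original link: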
https://blog.talosintelligence.com/2021/07/vulnerability-spotlight-use-after-free.html
2. Researchers disclose multiple vulnerabilities in the email collaboration software Zimbra
SonarSource researchers have disclosed 2 vulnerabilities in the email collaboration software Zimbra. The first is a cross-site scripting vulnerability in the calendar invitation component ZmMailMsgView.js, tracked as CVE-2021-35208, which a victim may trigger when viewing a received email. The second is an open redirect vulnerability in the servlet's ProxyServlet.java, tracked as CVE-2021-35209, which permits an allow-list bypass and may lead to server-side request forgery. According to the researchers, a remote attacker who combines the two vulnerabilities can steal Google Cloud API tokens or AWS IAM credentials.
Original link:
https://securityaffairs.co/wordpress/120603/hacking/zimbra-vulnerabilities.html
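3. UC San Diego says its IT systems were hit by a phishing attack
UC San Diego Health says a phishing attack on its IT systems led to a data breach. The health center is one of the best hospitals in the United States and has repeatedly been rated the best healthcare system in San Diego. The organization received an alert about suspicious activity on March 12, and on April 8 it found that attackers had accessed the email accounts of some of its employees. According to the investigation, the attackers may have stolen personal information of patients, employees and students between December 2, 2020 and April 8, 2021, including names, addresses, dates of birth, email addresses, fax numbers, treatment information, medical information, Social Security numbers, government ID numbers, payment card numbers or financial account numbers and security codes, student ID numbers, and usernames and passwords.
Original link: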
https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/
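4. New ransomware gang BlackMatter says it targets only companies with annual revenue above 100 million
Recorded Future has identified a new ransomware gang, BlackMatter, which began operating this week. BlackMatter is currently recruiting partners through advertisements posted on the hacker forums Exploit and XSS, and states that it targets only companies with revenue of 100 million US dollars or more. The gang claims to combine the strengths of Darkside and REvil, and requires that its partners' networks have between 500 and 15,000 hosts and be located in the United States, the United Kingdom, Canada or Australia. In addition, the gang operates a data leak site, but the site is currently empty.
Original link: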
https://therecord.media/blackmatter-ransomware-targets-companies-with-revenues-of-100-million-and-more/
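5. South African logistics company Transnet SOC temporarily halts operations after ransomware attack
South African logistics company Transnet SOC was hit by a ransomware attack, and all of its port terminals temporarily halted operations. The attack occurred on Thursday, July 22. After the attack, the company immediately began investigating the incident and advised its employees to stop using email to prevent the attack from spreading. Transnet revealed that the Navis system used for truck transport was affected, that ships entering and leaving the ports currently have to be recorded manually, and that the Transnet SOC Ltd website has also been shut down. The type of ransomware has not yet been disclosed.
Original link: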
https://securityaffairs.co/wordpress/120596/cyber-crime/transnet-soc-cyber-attack.html
6. Cleafy discloses new Android botnet UBEL linked to Oscorp
Italian security company Cleafy has disclosed that the new Android botnet UBEL is linked to Oscorp. Between May and June 2021, researchers found new Oscorp samples in the wild, and at the same time a new Android botnet named UBEL began to be advertised on hacker forums. Analysis showed that Oscorp and UBEL can be linked to the same malicious codebase, indicating that they are a fork of the same project or a rebrand by other partners. UBEL can read and send SMS messages, record audio, install and delete applications, start automatically, and more.
Original link:
https://thehackernews.com/2021/07/ubel-is-new-oscorp-android-credential.html