英国逐日电讯报ES设置过失泄露10TB数据;研发团队修复Apache中路径遍历误差

宣布时间 2021-10-08

【清静运维】


英国逐日电讯报Elasticsearch设置过失泄露10TB数据


https://securityaffairs.co/wordpress/123020/data-breach/the-telegraph-data-leak.html


【误差补丁】


研发团队修复Apache中路径遍历误差(CVE-2021-41773)


https://www.bleepingcomputer.com/news/security/apache-fixes-actively-exploited-zero-day-vulnerability-patch-now/


Google宣布10月份Android更新,修复50多个误差


https://www.securityweek.com/google-patches-over-50-serious-vulnerabilities-android


【威胁情报】


Sophos发明使用Python剧本加密虚拟机的攻击活动


https://www.bleepingcomputer.com/news/security/ransomware-gang-encrypts-vmware-esxi-servers-with-python-script/


【剖析报告】


BlackBerry宣布有关APT41的攻击活动的剖析报告


https://blogs.blackberry.com/en/2021/10/drawing-a-dragon-connecting-the-dots-to-find-apt41