报告编号：B6-2021-102799

报告来源：360CERT

报告作者：360CERT

更新日期：2021-10-27

Vulnerability | 漏洞

• F5 Traffix SDC 修复 apache http组件漏洞

https://support.f5.com/csp/article/K20622400

• CVE-2021-42258: BQE BillQuick SQL注入漏洞安全更新

https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware

• CVE-2021-40865: Apache Storm Worker未受权反序列化漏洞安全更新

https://seclists.org/oss-sec/2021/q4/45

Security Incident|安全事件

• 针对巴以地区长达三年的攻击活动揭露

https://cert.360.cn/warning/detail?id=80ddef5e537ffed8df378d9267d115d6

• NOBELIUM组织的新供应链攻击活动

https://www.microsoft.com/security/blog/2021/10/25/nobelium-targeting-delegated-administrative-privileges-to-facilitate-broader-attacks/

• LuoYu 组织使用的恶意软件 WinDealer

https://blogs.jpcert.or.jp/en/2021/10/windealer.html

• 乐购网站遭黑客攻击

https://www.cnbeta.com/articles/tech/1194363.htm

• 黑客利用流行的 BillQuick 计费软件部署勒索软件

https://thehackernews.com/2021/10/hackers-exploited-popular-billquick.html

• 微软：自5月以来，俄罗斯SVR至少入侵了14家IT供应链公司

https://www.bleepingcomputer.com/news/microsoft/microsoft-russian-svr-hacked-at-least-14-it-supply-chain-firms-since-may/