1. How to use Web Cache Vulnerability Scanner to detect web cache poisoning

【Global Dynamics】

1. Russian authorities arrested the leader of an international cybercrime organization

Russian authorities arrested four members of the international cyber theft gang 'Infraud Organization'. 【Foreign publication-Read Original】

2. The Australian Securities and Investments Commission is collaborating with five companies to develop a corporate information disclosure technology platform

The Australian Securities and Investments Commission (ASIC) announced that it is collaborating with five regulatory technology companies to create a new platform aimed at better handling information of listed companies. 【Foreign publication-Read Original】

3. The Canadian Foreign Ministry was hacked, causing some services to be interrupted 

The Canadian government's diplomatic consular relations department - the Global Affairs Canada department - was subjected to a cyber attack last week. 【Foreign publication-Read Original】

4. Last year, a total of 1862 data leakage incidents were recorded globally, breaking historical records

The report shows that a total of 1862 data breaches occurred in the past year, breaking the highest records of 2020 (1108 cases) and 2017 (1506 cases). 【Read Original】

5. Hackers infiltrated the Belarusian state-owned railway system network to prevent Russian military集结

Hackers in Belarus said on Monday that they had used ransomware to infiltrate the country's state-owned railway system network to demand that the national army stop aiding the Russian army. 【Read Original】

6. Hackers exploited the OpenSea vulnerability to steal and resell NFT content worth $1 million

A vulnerability in the NFT market OpenSea was exploited, with hackers purchasing NFTs at prices far below market value. 【Read Original】

【Security Incident】

1. The CWP vulnerability allows obtaining root privileges on Linux servers

Two security vulnerabilities in the ControlWebPanel (CWP) software can be linked by unauthenticated attackers to gain remote code execution (RCE) with root privileges on the attacked Linux server. 【Foreign Media-Read Original】

2. Android malware BRATA will format your device after stealing data

The Android malware called BRATA has added new dangerous features in its latest version, as well as a feature to reset the device to factory settings to clear all traces of malicious activities. 【Foreign Media-Read Original】

3. Due to the lack of payment options in Dutch dating apps, Apple will face a fine of 5 million euros per week

The Netherlands Consumer and Market Authority will impose a fine of 5 million euros per week on Apple Inc. (Apple) as long as the company continues to prevent the free use of non-Apple payment systems in dating apps. 【Foreign Media-Read Original】

4. Internet services in Burkina Faso and Yemen resume after coups and explosions

Violent events in Yemen and Burkina Faso last week caused network outages, and some internet services in the two countries have been restored. 【Read Original】

5. Ransomware gangs are stepping up efforts to recruit insiders for attacks

A recent survey of 100 large IT companies in North America shows that ransomware participants are working harder to recruit insiders from target companies to assist in attacks. 【Foreign Media-Read Original】

6. The Red Cross is worried that states and cybercriminals will misuse stolen data

The International Committee of the Red Cross (ICRC) has released a new report on cyber attacks that have led to data breaches affecting more than 500,000 vulnerable individuals who receive services from the organization. 【Foreign Media-Read Original】

【High-quality article】

1. How to use Web Cache Vulnerability Scanner to detect web cache poisoning

Web Cache Vulnerability Scanner is a powerful security vulnerability scanning tool. This tool is developed based on the Go language and is a command-line interface (CLI) tool that can help researchers easily detect web cache poisoning issues on websites. 【Read Original】

2. Thousands of corporate email accounts of industrial organizations have been stolen and misused for the next attack

In 2021, Kaspersky's industrial control security experts noticed some anomalies in the statistics of spyware detected on industrial control environment computers. 【Read Original】

3. Flag or Upgrade? Suspected OceanLotus APT organization uses Glitch platform attack sample reappears

The Qianxin Red Rain team has been closely following the attack activities of global APT organizations, including the OceanLotus APT organization. 【Read Original】

*The content of this article is collected from media and publications worldwide. The producers are responsible for its completeness, but not for its authenticity and effectiveness.

*Content marked as [Foreign Media] mainly comes from media and publications in English-speaking countries, and some content requires a free account to read.