360-CERT每日安全简报
Daily Security Briefing
2019-09-21 星期六
漏洞 Vulnerability
IBM安全公告:Eclipse OpenJ9 本地提权漏洞
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-eclipse-openj9-could-allow-a-local-attacker-to-gain-elevated-privileges-on-the-system-and-multiple-binaries-in-ibm-sdk-java-technology-edition-on-the-aix-platform-use-insecure/
CVE-2019-1257:通过BDC反序列化在Microsoft SharePoint上执行代码
https://www.thezdi.com/blog/2019/9/18/cve-2019-1257-code-execution-on-microsoft-sharepoint-through-bdc-deserialization
IBM安全公告:IBM Security QRadar Packet Capture容易受到拒绝服务攻击(CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-3896)
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-security-qradar-packet-capture-is-vulnerable-to-denial-of-service-cve-2019-11477-cve-2019-11478-cve-2019-11479-cve-2019-3896/
安全预警 - 涉及部分华为CloudEngine产品的鉴权不当漏洞
https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190918-01-authentication-cn
安全资讯 Security Information
信通院发布《中国网络安全产业白皮书 (2019年) 》 (附解读下载)
https://www.secrss.com/articles/13770
黑客如何攻击美国F-35隐形战斗机?
https://www.secrss.com/articles/13735
为什么我们应该更加注意Linux威胁
https://www.intezer.com/blog-why-we-should-be-paying-more-attention-to-linux-threats/
英国正积极应对网络战争时代
https://www.secrss.com/articles/13734
上海警方披露最新盗刷手法:手机被盗后,信用卡遭离奇盗刷
https://www.secrss.com/articles/13780
安全研究 Security Research
攻防最前线:恶意软件利用Captcha验证码藏身
https://www.secrss.com/articles/13714
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn