360-CERT每日安全简报
Daily Security Briefing
2019-10-08 星期二
漏洞 Vulnerability
USN-4148-1: 影响Ubuntu的OpenEXR漏洞
https://usn.ubuntu.com/4148-1/
安全工具 Security Tools
Penta:开源的用于自动化渗透测试的一体式CLI工具
https://www.kitploit.com/2019/10/penta-open-source-all-in-one-cli-tool.html
安全报告 Security Report
供应链攻击的演变和未来
https://www.brighttalk.com/webcast/15591/365528
安全资讯 Security Information
美英两国签署犯罪数据共享协议
https://www.infosecurity-magazine.com/news/us-uk-crime-data-sharing/
未打补丁的VPN服务器遭到具有国家背景的网络攻击
https://www.healthcareinfosecurity.com/unpatched-vpn-servers-targeted-by-nation-state-attackers-a-13202
美英澳政府敦促Facebook终止其端到端加密计划
https://nakedsecurity.sophos.com/2019/10/07/governments-urge-facebook-to-hit-pause-on-end-to-end-encryption/
社交媒体平台可能被迫在全球范围内删除非法内容
https://nakedsecurity.sophos.com/2019/10/07/social-media-platforms-can-be-forced-to-delete-illegal-content-worldwide/
安全研究 Security Research
在快速变化的威胁环境中重新思考网络风险
https://www.scmagazine.com/home/opinion/executive-insight/rethinking-cyberisks-amid-a-rapidly-evolving-threat-environment/
如何定义有效的云安全–第3部分:应用于Microsoft Azure
https://www.peerlyst.com/posts/how-to-define-effective-cloud-security-baselines-part-3-application-to-microsoft-azure-guy-bertrand-kamga
Wi-Fi信号使研究人员透过墙壁通过步态识别人员身份
https://nakedsecurity.sophos.com/2019/10/07/wi-fi-signals-let-researchers-id-people-through-walls-from-their-gait
WhatsApp中从UAF到RCE
https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
恶意软件 Malware
6种常见的网络钓鱼攻击及其防范方式
https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn