360-CERT每日安全简报
Daily Security Briefing
2019-10-10 星期四
<<Previous
Next>>
漏洞
Vulnerability
Android 发布 10 月份的漏洞补丁公告
https://source.android.com/security/bulletin/2019-10-01#media-framework
Ghidra软件逆向工程(SRE)框架的9.0.4版本代码执行漏洞
https://twitter.com/NSAGov/status/1179431133278359552
安全工具
Security Tools
DrSemu:基于动态行为的恶意软件检测与分类工具
https://www.freebuf.com/sectool/214277.html
Python编写的功能齐全的开源情报(OSINT)框架:Maryam
https://www.kitploit.com/2019/10/maryam-open-source-intelligence-osint.html
安全报告
Security Report
伊朗APT35攻击活动报告
https://www.clearskysec.com/wp-content/uploads/2019/10/The-Kittens-Are-Back-in-Town-2.pdf
针对伊朗的Cyrus攻击活动披露
https://mp.weixin.qq.com/s/yaLC8gs-U92X6WnYzuuQ7w
Optiv Security发布网络威胁情报评估报告
https://www.optiv.com/explore-optiv-insights/downloads/2019-cyber-threat-intelligence-estimate
安全资讯
Security Information
俄罗斯互联网服务提供商Beeline的870万客户的数据泄露
https://www.zdnet.com/article/data-breach-at-russian-isp-impacts-8-7-million-customers/
法国的ANSSI警告有关针对服务提供商和设计办公室的供应链攻击
https://www.cert.ssi.gouv.fr/cti/CERTFR-2019-CTI-005/
安全研究
Security Research
一文看懂ATT&CK框架以及使用场景实例
https://www.anquanke.com/post/id/187998
流量e魔病毒分析报告
https://www.freebuf.com/articles/terminal/215168.html
Magecart组织和Cobalt组织之间存在联系
https://securityaffairs.co/wordpress/92264/cyber-crime/magecart-cobal-link.html
恶意软件
Malware
针对Linux系统新型Golang勒索软件的分析
https://www.fortinet.com/blog/threat-research/new-golang-ransomware-targeting-linux-systems.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblog%2Fthreat-research+%28Fortinet+Threat+Research+Blog%29
<<Previous
Next>>