360-CERT每日安全简报
Daily Security Briefing
2019-10-10 星期四
漏洞 Vulnerability
Android 发布 10 月份的漏洞补丁公告
https://source.android.com/security/bulletin/2019-10-01#media-framework
Ghidra软件逆向工程(SRE)框架的9.0.4版本代码执行漏洞
https://twitter.com/NSAGov/status/1179431133278359552
安全工具 Security Tools
DrSemu:基于动态行为的恶意软件检测与分类工具
https://www.freebuf.com/sectool/214277.html
Python编写的功能齐全的开源情报(OSINT)框架:Maryam
https://www.kitploit.com/2019/10/maryam-open-source-intelligence-osint.html
安全报告 Security Report
伊朗APT35攻击活动报告
https://www.clearskysec.com/wp-content/uploads/2019/10/The-Kittens-Are-Back-in-Town-2.pdf
针对伊朗的Cyrus攻击活动披露
https://mp.weixin.qq.com/s/yaLC8gs-U92X6WnYzuuQ7w
Optiv Security发布网络威胁情报评估报告
https://www.optiv.com/explore-optiv-insights/downloads/2019-cyber-threat-intelligence-estimate
安全资讯 Security Information
俄罗斯互联网服务提供商Beeline的870万客户的数据泄露
https://www.zdnet.com/article/data-breach-at-russian-isp-impacts-8-7-million-customers/
法国的ANSSI警告有关针对服务提供商和设计办公室的供应链攻击
https://www.cert.ssi.gouv.fr/cti/CERTFR-2019-CTI-005/
安全研究 Security Research
一文看懂ATT&CK框架以及使用场景实例
https://www.anquanke.com/post/id/187998
流量e魔病毒分析报告
https://www.freebuf.com/articles/terminal/215168.html
Magecart组织和Cobalt组织之间存在联系
https://securityaffairs.co/wordpress/92264/cyber-crime/magecart-cobal-link.html
恶意软件 Malware
针对Linux系统新型Golang勒索软件的分析
https://www.fortinet.com/blog/threat-research/new-golang-ransomware-targeting-linux-systems.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblog%2Fthreat-research+%28Fortinet+Threat+Research+Blog%29
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn