360CERT - 每日安全简报 (2019-11-05)

<<Previous Next>>

漏洞 Vulnerability

黑客使用NFC在Android智能手机上植入恶意软件

https://wwws.nightwatchcybersecurity.com/2019/10/24/nfc-beaming-bypasses-security-controls-in-android-cve-2019-2114/

安全工具 Security Tools

DECAF：一款基于QEMU的二进制代码分析平台

https://www.freebuf.com/sectool/216773.html

宏工具包–自动混淆和生成恶意Office文档

https://github.com/sevagas/macro_pack

安全报告 Security Report

APT攻击组织“黑格莎（Higaisa）”攻击活动披露

https://dlied6.qq.com/invc/qqpcmgr/skin/1572851347.pdf

unit42关于2019年上半年安全报告

https://unit42.paloaltonetworks.com/web-based-threats-first-half-2019/

安全事件 Security Incident

思科防火墙漏洞被利用攻击美国公司

https://www.eenews.net/assets/2019/10/31/document_ew_03.pdf

首次发现利用Windows BlueKeep RDP缺陷的网络攻击

https://gbhackers.com/mass-cyberattack-bluekeep/

恶意软件 Malware

ATM恶意软件家族Dtrack

https://www.freebuf.com/articles/network/215830.html

美国CERT发布朝鲜特马：HOPLIGHT

https://www.us-cert.gov/ncas/analysis-reports/ar19-304a

安全研究 Security Research

Kudankulam核电站样本分析

https://marcoramilli.com/2019/11/04/is-lazarus-apt38-targeting-critical-infrastructures/

疑似Lazarus针对双平台的攻击活动披露

https://www.anquanke.com/post/id/190189

Laravel 5.8 RCE POP链汇总分析

https://www.anquanke.com/post/id/189718

揭密无文件勒索病毒攻击，思考网络安全新威胁

https://www.freebuf.com/articles/system/218885.html

区块链智能合约控制流识别的大规模实验研究

https://paper.seebug.org/1072/

加密威胁原理篇——恶意程序基础知识

https://www.secpulse.com/archives/117387.html

NSA Hacking Tool Recreation UnitedRake

https://github.com/TheSph1nx/SLICKERMASTER-REV4

<<Previous Next>>