360-CERT每日安全简报
Daily Security Briefing
2019-11-29 星期五
安全研究 Security Research
深入分析Pwn2Own中使用的WebKit漏洞
https://www.zerodayinitiative.com/blog/2019/11/25/diving-deep-into-a-pwn2own-winning-webkit-bug
攻防演练对抗赛之初识文件钓鱼
https://www.freebuf.com/articles/network/219999.html
用于绕过安全电子邮件网关的特制ZIP文件
https://www.freebuf.com/articles/network/219559.html
QEMU 与 KVM 虚拟化安全研究介绍
https://bbs.pediy.com/thread-224371.htm
QEMU NIC设备模拟
http://lettieri.iet.unipi.it/virtualization/2018/20161124-io-paravirtualization-tour.pdf
QEMU PCI设备模拟
https://github.com/GiantVM/doc/blob/master/pci.md
安全工具 Security Tools
ATFuzzer - Android智能手机AT接口的动态分析
https://www.kitploit.com/2019/11/atfuzzer-dynamic-analysis-of-at.html
Windows系统安全事件日志取证工具:LogonTracer
https://www.freebuf.com/sectool/219786.html
安全资讯 Security Information
Adobe警告称,Magento Marketplace遭遇数据泄露
https://www.databreachtoday.com/magento-marketplace-suffers-data-breach-adobe-warns-a-13452
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn