360-CERT每日安全简报
Daily Security Briefing
2019-12-14 星期六
安全工具 Security Tools
Unfurl介绍
https://dfir.blog/introducing-unfurl/
com代码助手
https://github.com/fboldewin/COM-Code-Helper
英特尔PT日志分析器
https://github.com/ohjeongwook/iptanalyzer
EKFiddle:一个基于Fiddler Web调试器的框架,用于研究漏洞利用工具包,恶意广告和恶意流量
https://github.com/malwareinfosec/EKFiddle
安全事件 Security Incident
Zeppelin勒索软件瞄准科技和健康公司
https://securityaffairs.co/wordpress/94993/cyber-crime/zeppelin-ransomware.html
BlackTech黑客组织在恶意软件中使用API​​挂钩技术来逃避检测和攻击政府网络
https://gbhackers.com/api-hooking-technique/
安全资讯 Security Information
全球网络安全市场将在2020年至2029年实现健康增长
https://soundonsoundfest.com/2019/12/13/global-cyber-security-market-to-witness-a-healthy-growth-during-2020-to-2029/
CVE-2019-14899:攻击者可以利用此漏洞嗅探,劫持和篡改VPN隧道连接
https://www.zdnet.com/article/new-vulnerability-lets-attackers-sniff-or-hijack-vpn-connections/
安全研究 Security Research
Google OpenTitan,硬件安全的泰坦之箭?
https://www.anquanke.com/post/id/194889
安全报告 Security Report
GALLIUM犯罪集团瞄准全球电信公司
https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/
疑似FIN8网络犯罪集团近期针对加油机商家的攻击报告
http://click.broadcasts.visa.com/xfm/?30761/0/0624013ddc6f39785bf56d504f3b812e/lonew
Gamework行动:BlueAlpha与伊朗APT之间存在基础设施重叠
https://go.recordedfuture.com/hubfs/reports/cta-2019-1212.pdf
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn