360-CERT每日安全简报
Daily Security Briefing
2019-12-30 星期一
安全工具 Security Tools
Nginx日志安全分析脚本
https://www.secpulse.com/archives/121330.html
RansomCoin:一种DFIR工具,用于从二进制文件中提取加密货币地址和其他危害指标
http://feedproxy.google.com/~r/PentestTools/~3/GvziPKgW9H8/ransomcoin-dfir-tool-to-extract.html
安全事件 Security Incident
Iot 厂商Wyze确认泄露240万客户详细信息
https://forums.wyzecam.com/t/updated-12-27-19-data-leak-12-26-2019/79046
恶意软件 Malware
Ryuk勒索软件演变
https://www.bleepingcomputer.com/news/security/ryuk-ransomware-stops-encrypting-linux-folders/
BIOLOAD:FIN7网络犯罪组织的新工具
https://securityaffairs.co/wordpress/95714/malware/fin7-bioload-carbanak-backdoor.html
安全研究 Security Research
PHP动态特性的捕捉与逃逸
https://www.leavesongs.com/PENETRATION/dynamic-features-and-webshell-tricks-in-php.html
谈高效漏洞挖掘之Fuzzing的艺术
https://www.freebuf.com/vuls/221129.html
金融科技网络信息安全法规梳理与解读(三)
https://www.freebuf.com/articles/neopoints/223267.html
挖洞经验 | 如何发现更多的IDOR漏洞(越权漏洞)
https://www.freebuf.com/vuls/223500.html
安全报告 Security Report
针对葡萄牙政府的新型木马 Lampion
https://securityaffairs.co/wordpress/95731/malware/lampion-malware-targets-portugal.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn