360-CERT每日安全简报
Daily Security Briefing
2020-01-08 星期三
安全工具 Security Tools
LKWA:鲜为人知的Web攻击实验室
https://github.com/weev3/LKWA
CryptoLyzer:一个加密协议分析器
https://gitlab.com/coroner/cryptolyzer
安全事件 Security Incident
FDLP.gov简要分析
https://medium.com/@sshell_/brief-analysis-of-the-fdlp-gov-deface-980caba9c786
US-CERT:伊朗对美军在巴格达的军事打击做出网络反应的潜力告警
https://www.us-cert.gov/ncas/alerts/aa20-006a
安全资讯 Security Information
VPN在勒索软件攻击中广为人知的缺陷
https://www.darkreading.com/attacks-breaches/widely-known-flaw-in-pulse-secure-vpn-being-used-in-ransomware-attacks/d/d-id/1336729
Telegram试图澄清Gram加密项目
https://www.coindesk.com/telegram-tries-to-clarify-gram-crypto-project-amid-ongoing-sec-fight
土耳其监管集团提议新的加密货币规则和法规
https://cryptoslate.com/turkish-regulatory-group-to-propose-new-crypto-rules-and-regulation/
安全研究 Security Research
绕过MyQ Hub
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/we-be-jammin-bypassing-chamberlain-myq-garage-doors
我们如何构建UnpacMe平台
https://www.youtube.com/watch?v=FctDptnYukQ&feature=youtu.be
道德黑客课程—在Azure中构建实验
https://medium.com/@kamran.bilgrami/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f
为什么在Docker中运行特权容器是个坏主意
https://blog.trendmicro.com/trendlabs-security-intelligence/why-running-a-privileged-container-in-docker-is-a-bad-idea/
跳出单点思维,从上帝视角感知邮件安全态势
https://www.anquanke.com/post/id/196531
安全报告 Security Report
Google Play上发现CVE-2019-2215利用,疑似与SideWinder APT组织存在关联
https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn