360-CERT每日安全简报
Daily Security Briefing
2020-01-20 星期一
<<Previous
Next>>
漏洞
Vulnerability
CVE-2019-19470:TinyWall防火墙本地提权漏洞分析
https://www.anquanke.com/post/id/197436
趋势科技CVE-2019-20357 持久性任意代码执行漏洞
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124099.aspx
安全工具
Security Tools
微软发布软件源代码分析工具
https://github.com/Microsoft/ApplicationInspector
安全报告
Security Report
金融行业研究报告--网络风险与美国金融体系
https://www.newyorkfed.org/medialibrary/media/research/staff_reports/sr909.pdf
安全资讯
Security Information
欧盟可能会禁止面部识别5年
https://www.ehackingnews.com/2020/01/european-union-likely-to-ban-facial.html
乌兹别克斯坦当局启动国家矿池
https://www.ehackingnews.com/2020/01/the-authorities-of-uzbekistan-to-launch.html
TA428对于伊朗与美国之间最近的冲突的滥用
https://twitter.com/stevelord/status/1218801022363000833
未修补的IE浏览器零日漏洞影响数百万的Windows用户
https://gbhackers.com/ie-zero-day-vulnerability/
自2019年10月以来,360安全中心已成功拦截了针对外贸,运输和几个重要海港的多次网络攻击
https://twitter.com/360TotalSec/status/1218816654097862657
安全研究
Security Research
HTB-Craft 一次从git入手的渗透练习
https://www.anquanke.com/post/id/197432
Windows 10帮助文件chm格式漏洞挖掘
https://www.anquanke.com/post/id/197417
TrickBot使用Windows 10 UAC旁路进行逃避检测
https://www.bleepingcomputer.com/news/security/trickbot-now-uses-a-windows-10-uac-bypass-to-evade-detection/
Android VoIP组件中的8种网络安全风险
https://daoyuan14.github.io/papers/TR19_VoIPFuzzing.pdf
恶意软件
Malware
针对沙特的恶意软件ZeroCleare攻击活动。后续特马为:Dustman
https://securityintelligence.com/posts/enter-dustman-new-wiper-takes-after-zerocleare-targets-organizations-in-saudi-arabia/
<<Previous
Next>>