360-CERT每日安全简报
Daily Security Briefing
2020-02-24 星期一
漏洞 Vulnerability
Foxmail存在DLL劫持漏洞
https://www.cnvd.org.cn/flaw/show/CNVD-2020-12839
Catfish Blog存在文件上传漏洞
https://www.cnvd.org.cn/flaw/show/CNVD-2020-12838
安全工具 Security Tools
Ohmybackup-扫描受害者备份目录和备份文件
https://www.kitploit.com/2020/02/ohmybackup-scan-victim-backup.html
DLLPasswordFilterImplant-具有exfilter功能的DLL密码过滤器
https://www.kitploit.com/2020/02/dllpasswordfilterimplant-dll-password.html
安全资讯 Security Information
为特朗普维持安全通信的联邦机构被黑客入侵
https://www.hackread.com/federal-agency-secure-communication-trump-got-hacked/
安全研究 Security Research
Android应用欺诈-Haken Clicker和Joker Premium Dialer
https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/
你能相信你的自动反编译程序吗?
https://unit42.paloaltonetworks.com/autoit-compiled-malware/
CSI:针对目标勒索软件攻击的证据指标–第二部分
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/csi-evidence-indicators-for-targeted-ransomware-attacks-part-ii/
MacOS存储凭据之旅
https://www.mdsec.co.uk/2020/02/getting-what-youre-entitled-to-a-journey-in-to-macos-stored-credentials/
恶意软件 Malware
ObliqueRAT,一种用于攻击东南亚政府目标的新型恶意软件
https://securityaffairs.co/wordpress/98290/malware/obliquerat-targets-govn-entities.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn