360-CERT每日安全简报
Daily Security Briefing
2020-02-25 星期二
漏洞 Vulnerability
CVE-2020-8861: D-Link任意代码执行漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8861
LTE安全漏洞: 未授权订阅付费服务
https://www.zdnet.com/article/lte-security-flaw-can-be-abused-to-take-out-subscriptions-at-your-expense/
安全资讯 Security Information
PayPal存在未授权付款漏洞
https://www.zdnet.com/article/paypal-accounts-are-getting-abused-en-masse-for-unauthorized-payments/
恶意软件 Malware
Raccoon信息窃取型恶意软件
https://securityaffairs.co/wordpress/98379/malware/raccoon-malware-evolution.html
安全工具 Security Tools
Faraday-漏洞管理自动化平台
https://www.kitploit.com/2020/02/faraday-presents-latest-version-of.html
Dnssearch-子域名枚举工具
https://www.kitploit.com/2020/02/dnssearch-subdomain-enumeration-tool.html
Liffy-本地文件包含漏洞利用工具
https://www.kitploit.com/2020/02/liffy-local-file-inclusion-exploitation.html
安全研究 Security Research
Geacon代码学习&上线指南
https://xz.aliyun.com/t/7259
浅析python沙箱逃逸的magic file
https://xz.aliyun.com/t/7249
MSBuild在渗透测试中的应用(翻译)
https://www.anquanke.com/post/id/199458
安全报告 Security Report
FireEye2020安全趋势报告
https://content.fireeye.com/m-trends/rpt-m-trends-2020
安全事件 Security Incident
丹麦跨国服务公司ISS遭到恶意软件攻击
https://securityaffairs.co/wordpress/98321/malware/iss-reveals-malware-attack.html
Slickwraps数据泄漏影响85万用户
https://securityaffairs.co/wordpress/98364/data-breach/slickwraps-data-leak.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn