360-CERT每日安全简报
Daily Security Briefing
2020-02-29 星期六
漏洞 Vulnerability
NVIDIA修复Windows GPU显卡驱动程序中的严重缺陷
https://www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaw-in-windows-gpu-display-driver/
Intel在2019年修补了其产品中的230多个漏洞
https://www.securityweek.com/intel-patched-over-230-vulnerabilities-its-products-2019
安全工具 Security Tools
强大的红队武器Octopus“吊打”杀软
https://mp.weixin.qq.com/s/a1GIRMayu2SocNeuj-fACA
安全资讯 Security Information
勒索软件周-2020年2月28日-数据泄漏无处不在
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-28th-2020-data-leaks-everywhere/
参议员强调国防部漏洞披露计划的重要性
https://www.nextgov.com/cybersecurity/2020/02/senator-highlights-significance-defense-departments-vulnerability-disclosure-programs/163406/
5G安全:前国土安全部部长和华为首席技术官提供意见
https://www.inforisktoday.com/5g-security-former-dhs-director-huawei-cso-offer-views-a-13811
Microsoft增强Edge的PUA保护
https://www.securityweek.com/microsoft-boosts-pua-protections-edge?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
Facebook起诉SDK制造商秘密收集用户数据
https://www.zdnet.com/article/facebook-sues-sdk-maker-for-secretly-harvesting-user-data/
安全研究 Security Research
Shadowsocks 重定向攻击分析
https://paper.seebug.org/1134/
通过XSS窃取localStorage中的JWT
https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0
使用Ghidra编写脚本,给MacOS Image2Icon打"补丁"
https://duraki.github.io/posts/o/20200227-ghidra-scripting-image2icon.html
云原生之容器安全实践
https://www.anquanke.com/post/id/199816
Mozi恶意样本分析报告
https://mp.weixin.qq.com/s/MYfbvKrc1HMJAmTtigyvEg
使用BPF将SSH会话转换为结构化事件
https://gravitational.com/blog/enhanced-session-recording/
OpenBSD SMTP漏洞分析报告
https://www.freebuf.com/vuls/228494.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn