360CERT - 每日安全简报 (2020-03-03)

<<Previous Next>>

漏洞 Vulnerability

CVE-2020-8794: OpenSMTPD 远程命令执行漏洞通告

https://cert.360.cn/warning/detail?id=5ed8d8cc121c223ac27d877f9e7b20b9

CVE-2020-9547/CVE-2020-9548：FasterXML/jackson-databind 远程代码执行漏洞通告

https://cert.360.cn/warning/detail?id=f3aa86acf2688e0e410dee9e6ab79bc1

安全工具 Security Tools

virt-what：检测 Linux guest VM 使用的哪种虚拟化技术

https://www.cyberciti.biz/faq/linux-determine-virtualization-technology-command/

安全报告 Security Report

TA505 恶意组织分析报告，包括小组的战术，技术，恶意程序和最新攻击趋势

https://www.fsec.or.kr/user/bbs/fsec/163/344/bbsDataView/1382.do?page=1&column=&search=&searchSDate=&searchEDate=&bbsDataCategory=

针对拉丁美洲网络威胁分析报告

https://wow.intsights.com/rs/071-ZWD-900/images/Dark%20Side%20of%20Latin%20America.pdf

安全研究 Security Research

如何逆向可编程接口控制器

https://anee.me/reversing-programmable-interface-controllers-e835c0471ebb

云平台GCP 元数据API 的攻击方式和防御手段研究

https://github.com/dxa4481/AttackingAndDefendingTheGCPMetadataAPI

Android app篡改检测研究，含验证代码

https://darvincitech.wordpress.com/2020/03/01/yet-another-tamper-detection-in-android/

反虚拟化技术分类总结

https://evasions.checkpoint.com/

Linux Kernel 堆加强机制中的缺陷研究

https://blog.infosectcbr.com.au/2020/03/weaknesses-in-linux-kernel-heap.html

macOS Security Framework 和之前的CVEs 整理分析

https://rekken.github.io/2020/02/26/macOS-Security-Framework-and-Previous-CVEs-CN/

从漏洞开发角度分析Chrome的V8安全

https://sensepost.com/blog/2020/intro-to-chromes-v8-from-an-exploit-development-angle/

伪造Windows凭证的相关技术

https://pentestlab.blog/2020/03/02/phishing-windows-credentials/

Pwning VMware, Part 2：利用 ZDI-19-421, 一个 UHCI 漏洞

https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html

恶意软件 Malware

冠状病毒热点引发持续攻击事件

https://www.anquanke.com/post/id/199895

Lazaus APT 组织的 C&C 框架分析——Slides

https://github.com/ssp4rk/slides/blob/master/2017%20CSW_Never%20let%20your%20infra%20goes%20malicious.pdf

<<Previous Next>>