360-CERT Daily Security Briefing
2020-03-03 Tuesday
Vulnerability
CVE-2020-8794: OpenSMTPD remote command execution vulnerability advisory
https://cert.360.cn/warning/detail?id=5ed8d8cc121c223ac27d877f9e7b20b9
CVE-2020-9547/CVE-2020-9548: FasterXML/jackson-databind remote code execution vulnerability advisory
https://cert.360.cn/warning/detail?id=f3aa86acf2688e0e410dee9e6ab79bc1
Security Tools
virt-what: detect which virtualization technology a Linux guest VM is running on
https://www.cyberciti.biz/faq/linux-determine-virtualization-technology-command/
Security Report
TA505 threat group analysis report, covering the group's tactics, techniques, malware and latest attack trends
https://www.fsec.or.kr/user/bbs/fsec/163/344/bbsDataView/1382.do?page=1&column=&search=&searchSDate=&searchEDate=&bbsDataCategory=
Analysis report on cyber threats targeting Latin America
https://wow.intsights.com/rs/071-ZWD-900/images/Dark%20Side%20of%20Latin%20America.pdf
Security Research
How to reverse engineer programmable interface controllers
https://anee.me/reversing-programmable-interface-controllers-e835c0471ebb
Research on attack methods and defenses for the GCP cloud platform metadata API
https://github.com/dxa4481/AttackingAndDefendingTheGCPMetadataAPI
Research on Android app tamper detection, with verification code
https://darvincitech.wordpress.com/2020/03/01/yet-another-tamper-detection-in-android/
A categorized summary of anti-virtualization techniques
https://evasions.checkpoint.com/
Research on weaknesses in Linux kernel heap hardening mechanisms
https://blog.infosectcbr.com.au/2020/03/weaknesses-in-linux-kernel-heap.html
Review and analysis of the macOS Security Framework and previous CVEs
https://rekken.github.io/2020/02/26/macOS-Security-Framework-and-Previous-CVEs-CN/
Analysis of Chrome's V8 security from an exploit development angle
https://sensepost.com/blog/2020/intro-to-chromes-v8-from-an-exploit-development-angle/
Techniques related to forging Windows credentials
https://pentestlab.blog/2020/03/02/phishing-windows-credentials/
Pwning VMware, Part 2: exploiting ZDI-19-421, a UHCI vulnerability
https://nafod.net/blog/2020/02/29/zdi-19-421-uhci.html
Malware
Coronavirus as a hot topic drives ongoing attack incidents
https://www.anquanke.com/post/id/199895
Analysis of the Lazarus APT group's C&C framework (slides)
https://github.com/ssp4rk/slides/blob/master/2017%20CSW_Never%20let%20your%20infra%20goes%20malicious.pdf