360-CERT每日安全简报
Daily Security Briefing
2020-03-09 星期一
<<Previous
Next>>
漏洞
Vulnerability
Apache ActiveMQ 5.11.1目录遍历/ Shell上传
https://cxsecurity.com/issue/WLB-2020030033
Comtrend VR-3033命令注入漏洞
https://www.cnvd.org.cn/flaw/show/CNVD-2020-15983
安全工具
Security Tools
HoneyBot-捕获,上传和分析网络流量
https://www.kitploit.com/2020/03/honeybot-capture-upload-and-analyze.html
NTLMRecon-一种从启用了NTLM身份验证的Web端点枚举信息的工具
https://www.kitploit.com/2020/03/ntlmrecon-tool-to-enumerate-information.html
恶意软件
Malware
https://securityaffairs.co/wordpress/99156/cyber-crime/coronavirus-spam-campaign.html
以冠状病毒为主题的新垃圾邮件活动发送了FormBook恶意软件
安全事件
Security Incident
Zoho的0-day漏洞poc被披露
https://threatpost.com/critical-zoho-zero-day-flaw-disclosed/153484/
安全资讯
Security Information
Netgear修复了可能允许收购旗舰Nighthawk路由器的重要RCE
https://securityaffairs.co/wordpress/99177/security/netgear-flagship-nighthawk-router-rce.html
Facebook起诉Namecheap以保护人们免受域名欺诈
https://securityaffairs.co/wordpress/99138/social-networks/facebook-namecheap-domain-name-fraud.html
安全研究
Security Research
使用GitHub Actions进行进攻性开发
https://www.mdsec.co.uk/2020/03/offensive-development-with-github-actions/
Molerats向政府和电信组织提供后门服务
https://unit42.paloaltonetworks.com/molerats-delivers-spark-backdoor/
<<Previous
Next>>