360-CERT每日安全简报
Daily Security Briefing
2020-03-24 星期二
漏洞 Vulnerability
微软紧急发布Type 1字体解析远程代码执行漏洞通告
https://cert.360.cn/warning/detail?id=c8bb787fcff2fe682305d01480251226
CNVD-2020-18982: GitLab不当授权漏洞
https://www.cnvd.org.cn/flaw/show/CNVD-2020-18982
libmicrodns: 多个漏洞
https://blog.talosintelligence.com/2020/03/vuln-spotlight-videolabs-microdns.html
安全工具 Security Tools
FinalRecon 一体化 OSINT 工具
https://www.kitploit.com/2020/03/finalrecon-v102-osint-tool-for-all-in.html
Starkiller: PowerShell Empire前端显示框架
https://www.kitploit.com/2020/03/starkiller-frontend-for-powershell.html
安全资讯 Security Information
澳大利亚政府利用ISP阻止暴力内容
https://www.zdnet.com/article/isps-to-continue-blocking-graphic-violent-content-in-australia/
安全研究 Security Research
CVE-2020-8597 pppd 漏洞分析
https://xz.aliyun.com/t/7407
CVE-2019-3778 Spring-Security-OAuth2 漏洞分析
https://xz.aliyun.com/t/7409
CTF 一个union引发的惨案
https://xz.aliyun.com/t/7410
微信远程攻击面简单的研究与分析
https://www.anquanke.com/post/id/201566
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn