360-CERT每日安全简报
Daily Security Briefing
2020-03-28 星期六
漏洞 Vulnerability
多款Tenda路由器存在缓冲区溢出漏洞
https://www.cnvd.org.cn/flaw/show/CNVD-2020-15064
Jackson-databind JDNI利用链黑名单更新漏洞修复通告
https://www.anquanke.com/post/id/201947
安全工具 Security Tools
XCTR-Hacking-Tools:一款多合一功能的信息收集工具
https://www.freebuf.com/sectool/229270.html
安全资讯 Security Information
Firefox 76将具有强制支持仅HTTPS连接的选项
https://nakedsecurity.sophos.com/2020/03/27/firefox-76-will-have-option-to-enforce-https-only-connections/
维珍媒体可能为影响90万客户的泄密事件支付45亿英镑
https://www.darkreading.com/cloud/virgin-media-could-pay--gb-pound-45b-for-leak-affecting-900000-customers/d/d-id/1337433?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
安全研究 Security Research
AZORult窃密木马详细分析报告
https://mp.weixin.qq.com/s/r5mv9tkgPJAx4qwaWQ486w
勒索迷宫
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/#_ftn4
IoT 上 SSL 安全开发小结
https://paper.seebug.org/1157/
DrayTek Vigor企业级路由器和交换机设备在野0-day 漏洞分析报告
https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices/
CVE-2020-3119 Cisco CDP 协议栈溢出漏洞分析
https://paper.seebug.org/1154/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn