360-CERT每日安全简报
Daily Security Briefing
2020-05-23 星期六
<<Previous
Next>>
漏洞
Vulnerability
CVE-2020-5835:Symantec Endpoint Protection Manager(SEPM)14.2 RU2 MP1特权提升
https://labs.redyops.com/index.php/2020/05/19/sepm-cve-2020-5835/
CVE-2020-13384:Monstra CMS 3.0.4允许远程身份验证的用户通过admin / index.php?id = filesmanager上载和执行任意PHP代码
https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-13384
恶意软件
Malware
Asnarök攻击分析Ⅱ
https://news.sophos.com/en-us/2020/05/21/asnarok2/
如何删除Solo.biz弹出广告
https://sensorstechforum.com/remove-solo-biz-ads/
安全报告
Security Report
伊朗Chafer APT针对科威特和沙特阿拉伯的航空运输和政府进行攻击
https://www.bitdefender.com/files/News/CaseStudies/study/332/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf
针对意大利制造业的网络犯罪活动分析
https://yoroi.company/research/cyber-criminal-espionage-operation-insists-on-italian-manufacturing/
狼又来了:WolfRAT分析
https://blog.talosintelligence.com/2020/05/the-wolf-is-back.html
安全事件
Security Incident
GhostDNS源代码泄漏
https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/
美国贸易管制黑名单新增:奇虎360、烽火通信、云从科技、东方网力等33家
https://www.anquanke.com/post/id/206477
安全资讯
Security Information
Sophos阻止了利用XG防火墙0day漏洞将勒索软件分发到Windows主机上
https://securityaffairs.co/wordpress/103590/hacking/sophos-xg-firewall-0day.html
安全研究
Security Research
异常安全分析:如何应对企业电子邮件泄露
https://www.csoonline.com/article/3542636/how-abnormal-security-combats-business-email-compromise.html
Petaq:红队C&C
https://github.com/fozavci/petaqc2
SQL注入基础课程
https://www.youtube.com/playlist?list=PLR0bgGon_WTLZA2Kr3JBld_XvJaMOdMO1
智能制造系统的安全性分析
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/threats-and-consequences-a-security-analysis-of-smart-manufacturing-systems
<<Previous
Next>>