360-CERT每日安全简报
Daily Security Briefing
2020-05-27 星期三
<<Previous
Next>>
漏洞
Vulnerability
CVE-2020-3811,CVE-2020-3812: qmail远程代码执行漏洞
https://seclists.org/fulldisclosure/2020/May/42
CVE-2020-0096:StrandHogg 2.0严重的Android漏洞,可使恶意应用伪装成合法应用,窃取用户敏感信息。
https://www.bleepingcomputer.com/news/security/critical-android-bug-lets-malicious-apps-hide-in-plain-sight/
安全工具
Security Tools
SGN: Golang 重写的Shikata ga nai
https://github.com/EgeBalci/sgn
RMIScout: Java RMI爆破工具
https://github.com/BishopFox/rmiscout
安全报告
Security Report
双枪团伙新动向,借云服务管理数十万僵尸网络
https://blog.netlab.360.com/shuang-qiang-zui-xin-huo-dong-fen-xi-bao-gao-nei-bu-bao-gao-ban/
从Agent.BTZ到ComRAT v4:十年的历程
https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf
安全事件
Security Incident
泰国最大的GSM手机运营商(AIS)83亿条数据泄露,包含DNS查询日志和NetFlow日志
https://rainbowtabl.es/2020/05/25/thai-database-leaks-internet-records/?=may-23-2020
安全研究
Security Research
AMSI远程内存补丁分析
https://ntamonsec.blogspot.com/2020/05/amsi-module-remote-in-memory-patch.html?spref=tw&m=1
AppDomainManager注入和检测
https://pentestlaboratories.com/2020/05/26/appdomainmanager-injection-and-detection/
加密固件分析实战
https://www.freebuf.com/articles/terminal/234978.html
<<Previous
Next>>