360-CERT每日安全简报
Daily Security Briefing
2020-05-27 星期三
漏洞 Vulnerability
CVE-2020-3811,CVE-2020-3812: qmail远程代码执行漏洞
https://seclists.org/fulldisclosure/2020/May/42
CVE-2020-0096:StrandHogg 2.0严重的Android漏洞,可使恶意应用伪装成合法应用,窃取用户敏感信息。
https://www.bleepingcomputer.com/news/security/critical-android-bug-lets-malicious-apps-hide-in-plain-sight/
安全工具 Security Tools
SGN: Golang 重写的Shikata ga nai
https://github.com/EgeBalci/sgn
RMIScout: Java RMI爆破工具
https://github.com/BishopFox/rmiscout
安全报告 Security Report
双枪团伙新动向,借云服务管理数十万僵尸网络
https://blog.netlab.360.com/shuang-qiang-zui-xin-huo-dong-fen-xi-bao-gao-nei-bu-bao-gao-ban/
从Agent.BTZ到ComRAT v4:十年的历程
https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf
安全事件 Security Incident
泰国最大的GSM手机运营商(AIS)83亿条数据泄露,包含DNS查询日志和NetFlow日志
https://rainbowtabl.es/2020/05/25/thai-database-leaks-internet-records/?=may-23-2020
安全研究 Security Research
AMSI远程内存补丁分析
https://ntamonsec.blogspot.com/2020/05/amsi-module-remote-in-memory-patch.html?spref=tw&m=1
AppDomainManager注入和检测
https://pentestlaboratories.com/2020/05/26/appdomainmanager-injection-and-detection/
加密固件分析实战
https://www.freebuf.com/articles/terminal/234978.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn