360-CERT每日安全简报
Daily Security Briefing
2020-07-01 星期三
<<Previous
Next>>
漏洞
Vulnerability
UPnP 协议 CallStranger 漏洞影响数百万设备
https://paper.seebug.org/1258/
Treck TCP/IP协议库多个漏洞安全风险通告
https://www.anquanke.com/post/id/209440
CVE-2020-2021 PAN OS操作系统曝“10分”罕见漏洞
https://www.freebuf.com/news/241526.html
安全工具
Security Tools
Spray:一款功能强大的活动目录凭证密码喷射工具
https://github.com/Greenwolf/Spray
ROADtools - 微软Azure AD渗透框架
https://github.com/dirkjanm/ROADtools
安全报告
Security Report
Bitdefender专门针对StrongPity APT组织木马工具的分析报告
https://www.bitdefender.com/files/News/CaseStudies/study/353/Bitdefender-Whitepaper-StrongPity-APT.pdf
安全资讯
Security Information
Google下架了25个窃取Facebook凭据的Android应用
https://www.zdnet.com/article/google-removes-25-android-apps-caught-stealing-facebook-credentials/
安全研究
Security Research
BIAS:蓝牙冒充攻击
https://www.anquanke.com/post/id/209333
联发科芯片 Rootkit 漏洞分析(CVE-2020-0069)
https://paper.seebug.org/1259/
无需任何身份验证实现远程主机网络接口的枚举
https://airbus-cyber-security.com/the-oxid-resolver-part-1-remote-enumeration-of-network-interfaces-without-any-authentication/
恶意软件
Malware
卡巴斯基对工控恶意样本Industroyer的检测与技术分析
https://www.kaspersky.com/enterprise-security/mitre/industroyer
<<Previous
Next>>