360-CERT每日安全简报
Daily Security Briefing
2020-07-30 星期四
安全工具 Security Tools
Intelspy-自动网络侦察扫描工具
https://www.kitploit.com/2020/07/intelspy-perform-automated-network.html
Winstrument:用于Windows应用程序评估的工具框架
https://research.nccgroup.com/2020/07/29/tool-release-winstrument-an-instrumentation-framework-for-windows-application-assessments/
安全研究 Security Research
22岁的黑客利用您的数据寻求LTR;在约会程序OkCupid上发现的漏洞
https://research.checkpoint.com/2020/hacker-22-seeks-ltr-with-your-data-vulnerabilities-found-on-popular-okcupid-dating-app/
在IBM WEBSPHERE中滥用JAVA远程协议
https://www.thezdi.com/blog/2020/7/20/abusing-java-remote-protocols-in-ibm-websphere
CVE-2020-1362 漏洞分析
https://paper.seebug.org/1276/
基于BurpSuit插件打造渗透测试自动化之路
https://www.freebuf.com/sectool/243617.html
内网渗透测试:NTLM Relay攻击分析
https://www.freebuf.com/articles/network/244375.html
BootHole漏洞
https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/?utm_content=135844943&utm_medium=social&utm_source=twitter&hss_channel=tw-865342977442430978
安全事件 Security Incident
在全球范围内识别出9,517个不安全的数据库并拥有100亿条记录
https://www.hackread.com/9517-unsecured-databases-with-10-billion-records/
加密钱包账本数据泄露; 黑客窃取了100万封电子邮件和其他数据
https://www.hackread.com/crypto-wallet-ledger-data-breach-hackers-steal-data/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn