360-CERT每日安全简报
Daily Security Briefing
2020-08-02 星期天
漏洞 Vulnerability
OpenSSH 命令注入漏洞 (CVE-2020-15778)
https://weixin.shuziguanxing.com/selectDetailsTempateId/544
Nexus Repository Manager 高危漏洞
https://weixin.shuziguanxing.com/selectDetailsTempateId/541
恶意软件 Malware
朝鲜黑客利用虚假招聘信息对美发起新一轮攻击
https://www.freebuf.com/news/245154.html
FIN7与 Carbanak样本同源分析
https://threatintelligence.blog/OPBlueRaven-Part1/
GuLoader 自被披露滥用 CloudEye 的保护后再度重启
https://blog.malwarebytes.com/threat-analysis/2020/07/malspam-campaign-caught-using-guloader-after-service-relaunch/
ProLock 勒索软件分析
https://news.sophos.com/en-us/2020/07/27/prolock-ransomware-gives-you-the-first-8-kilobytes-of-decryption-for-free/
安全报告 Security Report
疫情期间游戏行业网络攻击报告
https://mp.weixin.qq.com/s/KNqt78V9AaHEnEktd44MuA
安全事件 Security Incident
火眼曝光老毛的攻击活动,GRU篡改目标国家新闻,影响舆论
https://www.fireeye.com/blog/threat-research/2020/07/ghostwriter-influence-campaign.html
安全资讯 Security Information
佛罗里达17岁少年策划Twitter比特币骗局被捕
https://www.zdnet.com/article/how-the-fbi-tracked-down-the-twitter-hackers/#ftag=RSSbaffb68
安全研究 Security Research
恶意ELF二进制文件相似度比较及可视化
https://www.freebuf.com/articles/system/243764.html
NETGEAR httpd缓冲区溢出漏洞分析
https://mp.weixin.qq.com/s/bDCOmABucnhPfquvEmH0hA
Chunk Extend and Overlapping笔记
https://mp.weixin.qq.com/s/TbOwFMRfTCHqk143lZHP4A
容器安全:Doki 感染云中的 Docker 服务器
https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn