360-CERT Daily Security Briefing
2020-08-03 Monday
Vulnerability
macOS <=10.15.5 local privilege escalation chain from user to kernel (CVE-2020-9854)
https://objective-see.com/blog/blog_0x4D.html
Critical arbitrary file upload vulnerability patched in the wpDiscuz plugin (80,000 installed)
https://www.wordfence.com/blog/2020/07/critical-arbitrary-file-upload-vulnerability-patched-in-wpdiscuz-plugin/
UEditor 1.4.3.3 (.NET version) arbitrary file upload vulnerability: analysis and reproduction
https://xz.aliyun.com/t/8065
ZenTao 11.6 injection analysis
https://xz.aliyun.com/t/8066
Unknown
Critical arbitrary file upload vulnerability patched in the wpDiscuz plugin (80,000 installed)
https://www.wordfence.com/blog/2020/07/critical-arbitrary-file-upload-vulnerability-patched-in-wpdiscuz-plugin/
Security Information
FBI identifies the three hackers behind the Twitter incident
https://www.zdnet.com/article/how-the-fbi-tracked-down-the-twitter-hackers/
Windows 7 user accuses Microsoft Edge of stealing data
https://www.zdnet.com/article/microsoft-edge-is-malware-says-angry-windows-7-user/
Security Tools
Burp tool for Shiro exploitation with response echo
https://github.com/potats0/shiroPoc
Security Research
A starting point for discussion: BOF in CobaltStrike 4.1
https://mp.weixin.qq.com/s/-jU4HrPtB8rD4cmqAKZOZw
Revisiting several Nginx backdoors: detection and remediation
https://mp.weixin.qq.com/s/kzNRmpCgOOODI6J5A8L2Jg
Plugin sharing | The "Hikvision plugin" that can view camera snapshots
https://mp.weixin.qq.com/s/YExvYQ8RtBvrNC0VwwnV9A
Achieving "map-based operations" in cyberspace: cyberspace geography + visualization technology
https://mp.weixin.qq.com/s/53wDSOuSrvybTtHrh10i-Q