360-CERT每日安全简报
Daily Security Briefing
2020-08-04 星期二
漏洞 Vulnerability
华硕路由器远程代码执行漏洞通告
https://www.anquanke.com/post/id/212640
CVE-2020-15871:Nexus Repository Manager代码执行通告
https://www.anquanke.com/post/id/212618
SonarQube API未授权下载源代码
https://mp.weixin.qq.com/s/31wVHbvtlFNdPHdaN1JOuQ
安全工具 Security Tools
Windows x64 Syscall Tables
https://github.com/hfiref0x/SyscallTables
安全事件 Security Incident
FBI发布警报:Netwalker勒索软件正在发起快速攻击
https://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655310256&idx=1&sn=43527bab134557815601a2bcf841c54e&chksm=f02fadfbc75824edf34afc442452c795564cc984dd4b0c13b974e9cb830fd380a4c992873175&scene=126&sessionid=1596503819&key=7adf10a6617c6315174d442c5c7ddd
恶意软件 Malware
卡巴斯基对前两周 Garmin 公司被攻击事件及 WastedLocker 勒索软件的分析
https://securelist.com/wastedlocker-technical-analysis/97944/
BlackRock: Android银行木马新秀
https://www.freebuf.com/articles/paper/245318.html
安全研究 Security Research
Rockwell工控软件的5个组合漏洞导致RCE
https://www.zerodayinitiative.com/blog/2020/7/22/chaining-5-bugs-for-code-execution-on-the-rockwell-factorytalk-hmi-at-pwn2own-miami
LNK文件格式解析及伪装
https://xz.aliyun.com/t/8062
AD域中的ACL攻防探索
https://mp.weixin.qq.com/s/YCf-0FiqFfQ7WW0V5JR7jA
Kerberos协议学习及靶场练习
https://www.anquanke.com/post/id/212364
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn