360-CERT每日安全简报
Daily Security Briefing
2020-08-11 星期二
漏洞 Vulnerability
vbulletin修复了被披露的0day漏洞
https://www.bleepingcomputer.com/news/security/vbulletin-fixes-ridiculously-easy-to-exploit-zero-day-rce-bug/
CVE-2020-13699:TeamViewer 用户密码破解漏洞通告
https://www.anquanke.com/post/id/213506
安全工具 Security Tools
Arcane - 用于在iOS软件包中添加后门的脚本
https://www.kitploit.com/2020/08/arcane-simple-script-designed-to.html
安全报告 Security Report
DDoS attacks in Q2 2020
https://securelist.com/ddos-attacks-in-q2-2020/98077/
安全资讯 Security Information
Pixel 4a会成为第一个发布时通过ioXt认证的手机
https://security.googleblog.com/2020/08/pixel-4a-is-first-device-to-go-through.html
安全研究 Security Research
深入浅出 ELF
https://paper.seebug.org/1289/
Docker 逃逸小结第一版
https://paper.seebug.org/1288/
sakuraのAFL源码全注释(一)
https://www.anquanke.com/post/id/213430
Google Chrome中的CSP绕过漏洞
https://www.perimeterx.com/tech-blog/2020/csp-bypass-vuln-disclosure/
包含“Backdoor”字样的英特尔泄露代码的初步分析
https://www.secpulse.com/archives/137159.html
Barbervisor: 基于Intel VT-x开发一个snapshot fuzzer
https://blog.talosintelligence.com/2020/08/barbervisor.html
一次对某厂商MacOS客户端软件本地提权漏洞的挖掘与利用
https://www.anquanke.com/post/id/213488
使用Qiling framework和Ghidra分析DLINK DIR-645中的溢出漏洞
https://nahueldsanchez.wordpress.com/2020/08/10/analizing-a-buffer-overflow-in-the-dlink-dir-645-with-qiling-framework-and-ghidra/
恶意软件 Malware
最新的COVID-19相关的样本
https://www.fortinet.com/blog/threat-research/latest-covid-19-variants-from-the-ridiculous-to-the-malicious
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn