360-CERT每日安全简报
Daily Security Briefing
2020-08-12 星期三
漏洞 Vulnerability
2020-08 补丁日: 微软多个产品高危漏洞安全风险通告
https://cert.360.cn/warning/detail?id=f2569a9474c545a3a107e7cc3935c768
CVE-2020-11976:Apache Wicket 信息泄露漏洞
https://seclists.org/oss-sec/2020/q3/109
Adobe修补了Acrobat和Reader中的11个严重漏洞
https://www.securityweek.com/adobe-patches-11-critical-vulnerabilities-acrobat-and-reader
Google Chrome浏览器漏洞使数十亿用户遭受数据被盗风险
https://www.freebuf.com/news/246300.html
安全研究 Security Research
基于脚本的恶意软件:Internet Explorer攻击的新趋势
https://unit42.paloaltonetworks.com/script-based-malware/
探索Adobe Sandbox - IPC Internals
http://dronesec.pw/blog/2020/08/07/digging-the-adobe-sandbox-internals/
Windows Print Spooler(CVE-2020-1048)补丁绕过
https://www.thezdi.com/blog/2020/8/11/windows-print-spooler-patch-bypass-re-enables-persistent-backdoor
Hacking Zoom:揭示Zoom中的安全漏洞
https://mazinahmed.net/blog/hacking-zoom/
CVE-2020-14644 weblogic iiop反序列化漏洞分析
https://cert.360.cn/report/detail?id=b747e983cd8f70a9eb315c2c7b38fe24
记一次VMware的崩溃调试分析过程
https://mp.weixin.qq.com/s/ODmXAZKz5JVitjzXpUdz9g
Shiro-550 PoC 编写日记
https://mp.weixin.qq.com/s/0cUNkce3ZiUBW6xhF0ODcA
内网横向移动:Kerberos认证与(哈希)票据传递攻击
https://mp.weixin.qq.com/s/n4jdN5bf5YniXCAR0SMr7Q
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn