360-CERT每日安全简报
Daily Security Briefing
2020-08-13 星期四
漏洞 Vulnerability
CVE-2020-1472: NetLogon特权提升漏洞通告
https://cert.360.cn/warning/detail?id=ead0801e639052498d4bf396e08ef775
2020年8月Adobe和Microsoft安全更新回顾
https://www.thezdi.com/blog/2020/8/11/the-august-2020-security-update-review
安全工具 Security Tools
渗透测试POC集合
https://github.com/Mr-xn/Penetration_Testing_POC
安全报告 Security Report
基于TTP的安全狩猎
https://www.mitre.org/sites/default/files/publications/pr-19-3892-ttp-based-hunting.pdf
揭秘工业自动化编程的隐患
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/unveiling-the-hidden-risks-of-industrial-automation-programming
2020年利用用户进行中继的恶意Tor分析(第一部分)
https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
Operation PowerFall:利用IE远程代码执行和Windows提权0day的攻击
https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/
骗局:通过传播虚假信息和在线销售欺诈性产品来利用大流行牟取金钱
https://www.riskiq.com/wp-content/uploads/2020/08/ScamNation-RiskIQ-Report.pdf
安全资讯 Security Information
在家里挑战GitLab的CTF
https://about.gitlab.com/blog/2020/08/12/how-to-play-gitlab-ctf-at-home/
山东省德州市构筑政务大数据安全“防火墙”
http://www.sd.xinhuanet.com/2020-08/12/c_1126357346.htm
安全研究 Security Research
调试到.NET
https://blog.xpnsec.com/debugging-into-net/
CVE-2020-1530漏洞分析
https://symeonp.github.io/2020/12/08/phonebook-uaf-analysis.html
恶意软件与检测产品对抗研究
https://blog.dylan.codes/defending-your-malware/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn