360-CERT每日安全简报
Daily Security Briefing
2020-08-15 星期六
漏洞 Vulnerability
WLB-2020080065:vBulletin论坛5.6.2XSS漏洞
https://cxsecurity.com/issue/WLB-2020080065
恶意软件 Malware
人为操控攻击的 Maze 勒索软件
https://paper.seebug.org/1294/
“匿影”木马升级Rootkit驻留,发展僵尸网络挖矿捞金
https://www.freebuf.com/articles/system/246748.html
安全事件 Security Incident
APT组织Lazarus攻击以色列的数十个组织机构
https://securityaffairs.co/wordpress/107155/apt/north-korea-lazarus-israel.html?utm_source=rss&utm_medium=rss&utm_campaign=north-korea-lazarus-israel
错误配置的AWS S3存储桶上暴露了3.5亿个电子邮件地址
https://www.hackread.com/350-million-email-addresses-misconfigured-aws-s3-bucket/
安全资讯 Security Information
美国德州男子因黑客攻击大型科技公司而被判入狱57个月
http://feedproxy.google.com/~r/Securityweek/~3/EFc2A5vlw9w/texas-man-sentenced-57-months-prison-hacking-major-tech-firm
安全研究 Security Research
数据收集与精减:通过减少SIEM日志分析攻击行为
https://blog.rapid7.com/2020/08/14/data-ingestion-and-data-digestion-what-siem-log-consumption-tells-us-about-modern-attack-patterns/
史上最全Struts2 漏洞复现合集(上)
https://www.freebuf.com/vuls/246768.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn