360-CERT每日安全简报
Daily Security Briefing
2020-08-16 星期天
<<Previous
Next>>
漏洞
Vulnerability
CVE-2020-1571 Windows安装程序特权提升
https://github.com/klinix5/Windows-Setup-EoP
Apache Solr信息泄露漏洞
https://www.openwall.com/lists/oss-security/2020/08/15/1
恶意软件
Malware
XCSSET Mac间谍软件通过Xcode Projects传播
https://securityaffairs.co/wordpress/107162/malware/xcsset-mac-malware.html
安全研究
Security Research
红队新思路:利用Windows调试框架在.NET进程内直接调用.NET方法
https://mp.weixin.qq.com/s/zz-sU6hz1GBatPj0yHUWdA
基于网络欺骗与浏览器指纹的WEB攻击溯源
https://www.freebuf.com/articles/web/245585.html
在Thymeleaf中利用SSTI
https://www.acunetix.com/blog/web-security-zone/exploiting-ssti-in-thymeleaf/
对PHP环境的攻击
https://srcincite.io/assets/out-of-hand-attacks-against-php-environments.pdf
安全工具
Security Tools
护网自动化脚本
https://mp.weixin.qq.com/s/uHNx28XFZ5M6KwykMC4Jsg
IoT-PT:渗透物联网设备的虚拟环境
https://securityonline.info/pentesting-iot-devices/
<<Previous
Next>>