360-CERT每日安全简报
Daily Security Briefing
2020-09-07 星期一
漏洞 Vulnerability
WordPress热门插件爆严重漏洞! 影响超过350000个站点!!
https://mp.weixin.qq.com/s/oxrjVw2T0S0w1ff9NkkaDA
CVE-2020-3495:Cisco Jabber的Windows版本中存在远程代码执行漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-UyTKCPGg
安全工具 Security Tools
unimap:一款优化 Nmap 扫描策略的攻击
https://securityonline.info/unimap-reduce-scan-times-with-nmap-for-large-amounts-of-data/
安全报告 Security Report
五眼联盟发布"恶意软件检测和缓解技术方法"报告
https://us-cert.cisa.gov/sites/default/files/publications/AA20-245A-Joint_CSA-Technical_Approaches_to_Uncovering_Malicious_Activity_508.pdf
安全资讯 Security Information
阿根廷的官方移民局网络系统遭受 Netwalker 勒索软件攻击,被迫停止 4 小时服务
https://www.bleepingcomputer.com/news/security/ransomware-attack-halts-argentinian-border-crossing-for-four-hours/
安全研究 Security Research
一个有关 V8 漏洞的细节分析
https://www.elttam.com/blog/simple-bugs-with-complex-exploits/#content
Javascript fuzzing 引擎和利用方式开发的阅读列表
https://zon8.re/posts/javascript-engine-fuzzing-and-exploitation-reading-list/
Windows Server Update Services(WSUS)攻击:PyWSUS简介-第一部分
https://www.gosecure.net/blog/2020/09/03/wsus-attacks-part-1-introducing-pywsus/
DataCon 2020 网络黑产分析方向亚军writeup
https://mp.weixin.qq.com/s/Ots4JVLacoaySqCNwUvzQg
崩溃回溯分析
https://mp.weixin.qq.com/s/iMSXvWdn7RhS97bkYufymQ
恶意软件 Malware
apt32 混淆工具包介绍
https://blog.viettelcybersecurity.com/apt32-deobfuscation-arsenal-deobfuscating-mot-vai-loai-obfucation-toolkit-cua-apt32-phan-1/
TA2719近期活动特征分析
https://mp.weixin.qq.com/s/5GWjGzLLHgRVrVbcRE7cNg
Cofense 发现新的钓鱼策略:伪装成“邮件隔离”通知的钓鱼邮件
https://cofense.com/message-quarantine-campaign-overlying-potential/
攻击者通过 HTTPS 滥用 Google DNS 下载恶意软件
https://www.bleepingcomputer.com/news/security/attackers-abuse-google-dns-over-https-to-download-malware/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn