360-CERT每日安全简报
Daily Security Briefing
2020-09-17 星期四
漏洞 Vulnerability
CVE-2020-16875: Microsoft Exchange远程代码执行漏洞通告
https://cert.360.cn/warning/detail?id=1a9e6197b193654c78c1ef1ca3ef090d
CVE-2020-13948: Apache Superset 远程代码执行
https://seclists.org/oss-sec/2020/q3/175
Adobe发布针对Media Encoder的安全更新
https://www.zdnet.com/article/adobe-out-of-band-patch-released-to-tackle-media-encoder-vulnerabilities/#ftag=RSSbaffb68
安全研究 Security Research
Hyper-V DoS 漏洞分析(CVE-2020-0890 )
https://www.anquanke.com/post/id/217525
干漏洞悬赏的四年
https://blog.assetnote.io/2020/09/15/hacking-on-bug-bounties-for-four-years/
图解内存匿名反向映射reverse mapping
https://mp.weixin.qq.com/s/0BhYDU98d-xi7HAbjUPW4w
PSV-2020-0211-Netgear-R8300-UPnP栈溢出漏洞分析
https://www.anquanke.com/post/id/217606
安全事件 Security Incident
新的MrbMiner恶意软件已感染了数千个MSSQL数据库
https://www.zdnet.com/article/new-mrbminer-malware-has-infected-thousands-of-mssql-databases/#ftag=RSSbaffb68
安全工具 Security Tools
AES Finder - 在运行进程中查找AES密钥的程序
https://www.kitploit.com/2020/09/aes-finder-utility-to-find-aes-keys-in.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn