360-CERT每日安全简报
Daily Security Briefing
2020-09-18 星期五
漏洞 Vulnerability
CVE-2020-1472:Zerologon漏洞微软补丁分析
https://blog.0patch.com/2020/09/micropatch-for-zerologon-perfect.html
CVE-2020-9496:通过对不可信数据进行反序列化,实现在APACHE OFBIZ XMLRPC进行RCE
https://www.zerodayinitiative.com/blog/2020/9/14/cve-2020-9496-rce-in-apache-ofbiz-xmlrpc-via-deserialization-of-untrusted-data
安全事件 Security Incident
两名伊朗国民被控针对美国,欧洲和中东的计算机系统进行网络盗窃运动
https://www.justice.gov/opa/pr/two-iranian-nationals-charged-cyber-theft-campaign-targeting-computer-systems-united-states
安全报告 Security Report
季风行动 - 蔓灵花(APT-C-08)组织大规模钓鱼攻击活动披露
https://mp.weixin.qq.com/s/KsEyD0HpKMcuZbBcYADpAA
提菩行动:来自南亚APT组织“魔罗桫”的报复性定向攻击
https://mp.weixin.qq.com/s/L5ZhA6B33sq57P2weHlt8w
苦象组织近期网络攻击活动及泄露武器分析
https://mp.weixin.qq.com/s/31jCvYysBKUGfmetnyep0Q
安全研究 Security Research
构建自定义的Mimikatz二进制文件
https://s3cur3th1ssh1t.github.io/Building-a-custom-Mimikatz-binary/
MemFuck:绕过用户模式hook工具
https://winternl.com/memfuck/
ZeroLogon防御性指南
https://www.lares.com/blog/from-lares-labs-defensive-guidance-for-zerologon-cve-2020-1472/
FFUF指南
https://codingo.io/tools/ffuf/bounty/2020/09/17/everything-you-need-to-know-about-ffuf.html
虚拟机逃逸漏洞的利用思路与方法
https://mp.weixin.qq.com/s/aAm3Jx0B-BDkWUa2Zln8wA
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn