360-CERT每日安全简报
Daily Security Briefing
2020-10-01 星期四
<<Previous
Next>>
漏洞
Vulnerability
DPDK 多个高危漏洞通告
https://cert.360.cn/warning/detail?id=c79a0e0e6c96d05d935ec0bf66b279a1
CVE‑2020‑5981:NVIDIA D3D10驱动程序nvwgf2umx_cfg.dll nvwg MOV代码执行漏洞
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1035
安全研究
Security Research
CVE-2020-9496:Apache Ofbiz 反序列化漏洞分析
https://cert.360.cn/report/detail?id=ba5eeaf8536ba73611dd4abd198c4eb9
ShadowMove:隐蔽的横向移动策略
https://www.anquanke.com/post/id/218560
samsung漏洞挖掘
https://www.anquanke.com/post/id/218615
CVE-2020-5405 Spring Cloud Config 路径穿越漏洞浅析
https://xz.aliyun.com/t/8303
安全报告
Security Report
Microsoft 365和Azure Active Directory后门检测分析报告
https://www.fireeye.com/blog/threat-research/2020/09/detecting-microsoft-365-azure-active-directory-backdoors.html
APT‑C‑23小组发展了其Android间谍软件
https://www.welivesecurity.com/2020/09/30/aptc23-group-evolves-its-android-spyware/
恶意软件
Malware
Ttint: 一款通过2个0-day漏洞传播的IoT远控木马
https://mp.weixin.qq.com/s/1MHi_2T2PApnYzbySdn_2Q
Joker 恶意软件通过上传到 Google Play 商店促使用户下载
https://www.zscaler.com/blogs/security-research/joker-playing-hide-and-seek-google-play
<<Previous
Next>>