360-CERT每日安全简报
Daily Security Briefing
2020-10-03 星期六
安全研究 Security Research
ESET:XDSpy网络间谍组织运营达九年之久
https://www.bleepingcomputer.com/news/security/xdspy-cyber-espionage-group-operated-discretely-for-nine-years/
记一次VMware的崩溃调试分析过程
https://www.freebuf.com/vuls/249722.html
win10 1909逆向----探寻文件体系1
https://bbs.pediy.com/thread-262316.htm
软件无线电在智能硬件漏洞挖掘中的应用
https://bbs.pediy.com/thread-262417.htm
逆向win10 1909的MmIsAddressValidEx分析 999912分页
https://bbs.pediy.com/thread-262329.htm
利用AWS IAM权限进行云计算总量泄露
https://medium.com/bugbountywriteup/exploiting-fine-grained-aws-iam-permissions-for-total-cloud-compromise-a-real-world-example-part-5a2f3de4be08
NICER协议深入探讨:SMTP的Internet暴露
https://blog.rapid7.com/2020/10/02/nicer-protocol-deep-dive-internet-exposure-of-smtp/
安全资讯 Security Information
Team Xecuter两名成员被捕 指控销售Switch破解工具
https://www.cnbeta.com/articles/tech/1036363.htm
恶意软件 Malware
“THIEF BOT”银行木马,针对土耳其银行的恶意攻击 暗影安全实验室
https://www.freebuf.com/articles/terminal/249863.html
安全事件 Security Incident
惠普设备管理器后门使攻击者可以控制Windows系统
https://www.bleepingcomputer.com/news/security/hp-device-manager-backdoor-lets-attackers-take-over-windows-systems/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn