360-CERT每日安全简报
Daily Security Briefing
2020-10-04 星期天
漏洞 Vulnerability
CVE-2020-25637:libvirt double free漏洞
https://seclists.org/oss-sec/2020/q4/1
CVE-2020-11979:Apache Ant不安全的临时文件漏洞
https://seclists.org/oss-sec/2020/q3/209
安全工具 Security Tools
一个gdb GUI
https://github.com/rohanrhu/gdb-frontend
IOT渗透测试工具集
https://github.com/IoT-PTv/List-of-Tools
二进制文件漏洞缓解检查工具
https://github.com/Wenzel/checksec.py
Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)
https://githacks.org/xerox/voyager
安全资讯 Security Information
Google现在会公开针对第三方设备的Android漏洞
https://www.bleepingcomputer.com/news/security/google-now-discloses-android-vulnerabilities-for-3rd-party-devices/
Microsoft现在提供Windows安装映像的Defender更新
https://www.bleepingcomputer.com/news/security/microsoft-now-provides-defender-updates-for-windows-install-images/
安全研究 Security Research
使用复制和粘贴就可以入侵Grindr帐户
https://www.troyhunt.com/hacking-grindr-accounts-with-copy-and-paste/
Facebook android客户端任意代码执行漏洞
https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f
CVE-2020-6554:chrome extensions UAF漏洞
https://bugs.chromium.org/p/chromium/issues/detail?id=1094235
恶意软件 Malware
FinSpy病毒macOS版分析
https://objective-see.com/blog/blog_0x4F.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn