360-CERT每日安全简报
Daily Security Briefing
2020-10-23 星期五
<<Previous
Next>>
漏洞
Vulnerability
CVE-2020-27670:Xen 拒绝服务漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27670
CVE-2020-15999:Chrome Freetype字体库堆溢出漏洞通告
https://cert.360.cn/report/detail?id=44bf46b795e84b3e2fbe46b627db6e34
安全资讯
Security Information
《个人信息保护法(草案)》全文公开征求意见
https://mp.weixin.qq.com/s/f23get2QsJ2KuAWs59DrmQ
安全事件
Security Incident
CISA和FBI发布关于俄罗斯和伊朗APT的联合公告
https://us-cert.cisa.gov/ncas/current-activity/2020/10/22/cisa-and-fbi-release-joint-advisories-regarding-russian-and
斯诺登被授予俄罗斯永久居留权
https://www.securityweek.com/snowden-granted-permanent-residency-russia?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
美国选民数据在黑客论坛上交易
https://www.securityweek.com/us-voter-data-traded-hacker-forums-researchers?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
伊朗黑客组织使用新工具瞄准中东地区的政府机构
https://www.ehackingnews.com/2020/10/iranian-hacker-group-using-new-tools-to.html
安全研究
Security Research
我从GitHub 企业版找到严重的 RCE 漏洞,意外得$2万奖金
https://mp.weixin.qq.com/s/52JvcaAs9qGN8rwISUXYiw
用GPU构建高性能的Fuzzer
https://blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/
Windows 内核提权漏洞分析:CVE-2020-1034
https://www.anquanke.com/post/id/220119
我通过猜测密码破解了特朗普的Twitter
https://threatpost.com/researcher-hacked-trumps-twitter-password/160473/
pcfcms安装页面的一处意料之外的变量注入可导致网站瘫痪
https://www.anquanke.com/post/id/219034
<<Previous
Next>>