360-CERT每日安全简报
Daily Security Briefing
2020-10-24 星期六
安全工具 Security Tools
Fuzzilli:JavaScript Engine模糊测试库
https://www.darknet.org.uk/2020/10/fuzzilli-javascript-engine-fuzzing-library
Serval:用于渗透测试练习的Netcat风格的后门程序
https://github.com/tgadola/serval
eggos:在x86上运行的Go unikernel
https://github.com/icexin/eggos
安全资讯 Security Information
疑似俄罗斯APT组织针对美国发起攻击
https://us-cert.cisa.gov/ncas/alerts/aa20-296a
二维码骗局卷土重来
https://blog.malwarebytes.com/scams/2020/10/qr-code-scams-are-making-a-comeback/
安全研究 Security Research
两个VMWARE WORKSTATION TOCTOU漏洞分析
https://www.zerodayinitiative.com/blog/2020/10/22/detailing-two-vmware-workstation-toctou-vulnerabilities
跨站点脚本攻击:如何防止XSS漏洞
https://fedtechmagazine.com/article/2020/10/cross-site-scripting-attacks-how-prevent-xss-vulnerabilities-perfcon
容器比虚拟机更安全吗?
https://www.intezer.com/blog/cloud-security/are-containers-more-secure-than-vms/
恶意软件 Malware
LockBit勒索软件分析
https://news.sophos.com/en-us/2020/10/21/lockbit-attackers-uses-automated-attack-tools-to-identify-tasty-targets/
CIS统计的2020年9月十大恶意软件
https://www.securitymagazine.com/articles/93707-center-for-internet-security-top-10-malware-in-september-2020
安全报告 Security Report
克什米尔僵尸网络犯罪活动 - 第一部分
https://www.imperva.com/blog/crimeops-of-the-kashmirblack-botnet-part-i/
seedworm:伊朗相关的APT组织继续将目标对准中东地区
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/seedworm-apt-iran-middle-east
APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析
https://mp.weixin.qq.com/s/6R7bFs9lH1I3BNdkatCC9g
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn