360-CERT每日安全简报
Daily Security Briefing
2020-11-10 星期二
安全工具 Security Tools
Routopsy:用于攻击经常被忽略的网络协议
https://securityonline.info/routopsy/
Linux Evil Toolkit:适用于渗透测试人员的各种安全工具
https://github.com/th3void/linux-evil-toolkit
WTWT:一个轻松进行渗透测试的Web应用程序
https://github.com/ascr0b/PCWT
安全报告 Security Report
BITTER组织近期攻击巴基斯坦活动分析
https://mp.weixin.qq.com/s/iTS96lT0IscrSKoyCyDYEw
卢甘斯克组织针对乌克兰的最新定向攻击活动分析
https://mp.weixin.qq.com/s/aMj_EDmTYyAouHWFbY64-A
Vatet,PyXie和Defray777恶意软件家族间的关联
https://unit42.paloaltonetworks.com/vatet-pyxie-defray777/
McAfee网络威胁报告
https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-nov-2020.pdf
Earth Kitsune活动的两个新后门:agfSpy和dneSpy
https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html
安全事件 Security Incident
海莲花组织通过虚假网站扩展网络间谍活动
https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/
恶意软件 Malware
Ryuk勒索软件分析
https://www.advanced-intel.com/post/anatomy-of-attack-inside-bazarbackdoor-to-ryuk-ransomware-one-group-via-cobalt-strike
安全资讯 Security Information
电子商务平台X-Cart遭到勒索软件攻击
https://www.zdnet.com/article/ransomware-hits-e-commerce-platform-x-cart/
安全研究 Security Research
使用射频指纹识别ADS-B信号确保正确的飞机源
https://www.rtl-sdr.com/rf-fingerprinting-ads-b-signals-for-security/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn