360-CERT每日安全简报
Daily Security Briefing
2020-11-15 星期天
漏洞 Vulnerability
Citrix ADC NetScaler本地文件包含漏洞
https://cxsecurity.com/issue/WLB-2020110115
Sentrifugo 3.2资产远程代码执行
https://cxsecurity.com/issue/WLB-2020110114
安全研究 Security Research
Pay2Key 的研究
https://research.checkpoint.com/2020/pay2key-the-plot-thickens/
足智多谋的macOS恶意软件如何隐藏
https://labs.sentinelone.com/resourceful-macos-malware-hides-in-named-fork/
Sophos UTM 固件反编译 Perl 源码
https://paper.seebug.org/1397/
从网关进入内网到DNS协议出网
https://www.anquanke.com/post/id/222570
华为路由器漏洞CVE-2017-17215复现分析
https://xz.aliyun.com/t/8494
bypass过滤器执行任意URL重定向攻击
https://medium.com/bugbountywriteup/evading-filters-to-perform-the-arbitrary-url-redirection-attack-cce628b9b6a0
安全事件 Security Incident
零售业巨头Cencosud遭遇Egregor勒索软件攻击
https://www.bleepingcomputer.com/news/security/retail-giant-cencosud-hit-by-egregor-ransomware-attack-stores-impacted/
安全工具 Security Tools
Striker-信息和漏洞扫描程序
https://github.com/s0md3v/Striker
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn