360CERT - 每日安全简报 (2020-11-17)

<<Previous Next>>

漏洞 Vulnerability

CVE-2020-8767：针对英特尔Quartus Prime中的拒绝服务

https://www.cybersecurity-help.cz/vdb/SB2020111604

安全工具 Security Tools

Rusolver：快速准确的DNS解析器

https://github.com/Edu4rdSHL/rusolver

安全报告 Security Report

Lazarus在韩国的供应链攻击

https://www.welivesecurity.com/2020/11/16/lazarus-supply-chain-attack-south-korea/

安全资讯 Security Information

得克萨斯州将近2800万驾照数据遭受泄露

https://www.fox26houston.com/news/nearly-28-million-licensed-texas-drivers-hit-by-data-breach

安全研究 Security Research

对NtlmShared.dll中的MsvpPasswordValidate进行HOOK

https://offnotes.notso.pro/abusing-credentials/dumping-credentials/msvppasswordvalidate-hook

攻陷Hack The Box上的Intense

https://hackso.me/intense-htb-walkthrough/

缓冲区溢出利用指南

https://github.com/johnjhacking/Buffer-Overflow-Guide

赏金技巧＃9

https://www.infosecmatter.com/bug-bounty-tips-9-nov-16/

在Citrix SD-WAN平台中实现远程代码执行

https://medium.com/realmodelabs/sd-pwn-part-2-citrix-sd-wan-center-another-network-takeover-a9c950a1a27c

恶意软件 Malware

vjw0rm RAT混淆技术分析

https://isc.sans.edu/diary/rss/26792

RansomEXX木马攻击Linux平台

https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/

<<Previous Next>>