360-CERT每日安全简报
Daily Security Briefing
2020-11-19 星期四
漏洞 Vulnerability
CVE-2020-27130:Cisco Security Manager Path Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csm-path-trav-NgeRnqgR
CVE-2020-13671: Drupal 远程代码执行漏洞
https://cert.360.cn/warning/detail?id=6339ee63ba8474528c75686e000b8006
安全事件 Security Incident
勒索软件攻击迫使Web托管提供商Managed.com使服务器脱机
https://www.zdnet.com/article/web-hosting-provider-managed-shuts-down-after-ransomware-attack/
10万个被黑Facebook帐户泄露
https://www.hackread.com/leaked-database-hacked-facebook-accounts/
安全报告 Security Report
火眼对2021年网络空间威胁的预测分析报告
https://content.fireeye.com/predictions/rpt-security-predictions-2021
Cicada 黑客组织针对日本公司的持续性恶意攻击
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-japan-espionage
安全研究 Security Research
特斯拉Powerwall网关可能受到黑客攻击
https://blog.rapid7.com/2020/11/17/dont-put-it-on-the-internet-tesla-backup-gateway-edition/
Chrome浏览器的现代攻击:优化和反优化
https://doar-e.github.io/blog/2020/11/17/modern-attacks-on-the-chrome-browser-optimizations-and-deoptimizations/
PHPMailer 任意文件读取漏洞
https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652486713&idx=1&sn=62b2d92f72008c48c8b97ea97d75ba1d
从CVE-2020-1048到CVE-2020-17001:Windows打印机模块中多个提权漏洞分析
https://www.anquanke.com/post/id/222730
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn