360-CERT每日安全简报
Daily Security Briefing
2021-01-11 星期一
漏洞 Vulnerability
CVE-2020-11800 zabbix RCE漏洞细节披露
https://xz.aliyun.com/t/8991
安全工具 Security Tools
emp3r0r 一款Linux后渗透框架
https://github.com/jm33-m0/emp3r0r
安全资讯 Security Information
与朝鲜相关的APT37组织通过RokRat Trojan攻击韩国
https://securityaffairs.co/wordpress/113134/malware/apt37-rokrat-trojan.html
TeamTNT僵尸网络现能窃取Docker API登录以及AWS证书
https://www.ehackingnews.com/2021/01/ezuri-crypter-being-used-to-evade.html
对美银行入侵的俄罗斯黑客被判12年徒刑
https://www.bloomberg.com/news/articles/2021-01-07/russian-in-massive-jpmorgan-hack-gets-12-years-in-prison
安全研究 Security Research
CDN 2021 完全攻击指南 (一)
https://www.anquanke.com/post/id/227818
常见设备、中间件的默认密码
https://github.com/ihebski/DefaultCreds-cheat-sheet
使用YARA规则对Windows事件日志进行操作
https://blog.dylan.codes/pwning-windows-event-logging/
mimikatz如何绕过win defender
https://www.youtube.com/watch?v=9pwMCHlNma4
一个普通网安从业人员的2020
https://mp.weixin.qq.com/s/PYCIMOk8_wUg7eLFEVOoUQ
组策略限制3389登录的绕过方式
https://mp.weixin.qq.com/s/4eDNmiiXp7afLKdYzHeb3Q
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn