360-CERT每日安全简报
Daily Security Briefing
2021-05-20 星期四
<<Previous
Next>>
漏洞
Vulnerability
Windows TokenMagic 权限提升漏洞 msf 利用代码公开
https://packetstormsecurity.com/files/162605/Microsoft-Windows-TokenMagic-Privilege-Escalation.html
rxvt/rxvt-unicode 本地命令执行漏洞
https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html
安全事件
Security Incident
一路向北:Konni APT组织以“朝鲜局势”相关主题为诱饵对俄进行持续定向攻击活动
https://mp.weixin.qq.com/s/DDLLGwumDATr4fRsYtYjQw
APT组织白皮书—来自黎巴嫩的Volatile Cedar
https://mp.weixin.qq.com/s/vJ9AF-dOnmvkq-lY5G7-Vw
“Operation Magichm” 浅谈蔓灵花组织的CHM文件投放与后续操作
https://mp.weixin.qq.com/s/adVxC5CgfHoI8_2dKmUGKw
Codecov黑客获得了Monday.com源代码的访问权限
https://www.bleepingcomputer.com/news/security/codecov-hackers-gained-access-to-mondaycom-source-code/
仅仅9个月,Darkside勒索软件团伙获利9000万美元
https://www.zdnet.com/article/after-just-9-months-darkside-ransomware-gang-brings-in-90-million-in-bitcoin/
Magecart Skimming战术演变
https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/
<<Previous
Next>>