360-CERT每日安全简报(2020-08-25)

  • A+
所属分类:安全新闻

报告编号:B6-2020-082501

报告来源:360CERT

报告作者:360CERT

更新日期:2020-08-25


0x01 安全报告 Security Report

一周威胁情报公告

https://research.checkpoint.com/2020/24th-august-threat-intelligence-bulletin/

COVID-19专项威胁分析报告

https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-july-2020.pdf

提高企业可视性:Mitre ATT&CK的集成防御部署

https://pentestmag.com/increasing-enterprise-visibility-integrated-defense-with-mitre-attck/

0x02 安全研究 Security Research

Ettercap与攻击技术研究教程

https://pentestmag.com/ettercap-tutorial-for-windows/

PHP 对象反序列化的安全漏洞分析

https://medium.com/bugbountywriteup/demystifying-insecure-deserialization-in-php-684cab9c4d24

破解D-Link DIR3060固件加密

https://0x434b.dev/breaking-the-d-link-dir3060-firmware-encryption-recon-part-1/

JavaScript Fuzzing 资料列表

https://zon8.re/posts/javascript-engine-fuzzing-and-exploitation-reading-list/

WebSphere远程代码执行漏洞分析(CVE-2020-4450)

https://lucifaer.com/2020/08/21/WebSphere%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%EF%BC%88CVE-2020-4450%EF%BC%89/

0x03 恶意软件 Malware

伊朗Dharma勒索软件

https://www.group-ib.com/media/iran-cybercriminals/

0x04 安全事件 Security Incident

网络攻击导致多个加拿大政府服务中断*

https://www.welivesecurity.com/2020/08/24/cyber-attacks-canada-revenue-agency-government/

加拿大快递公司Canpar Express遭受勒索软件攻击

https://securityaffairs.co/wordpress/107476/cyber-crime/canpar-express-ransomware.html

360-CERT每日安全简报(2020-08-25)推荐阅读:

1、【严重】宝塔面板数据库管理未授权访问漏洞通告

2、安全运营周刊第五期

3、360-CERT每日安全简报(2020-08-21)


长按下方二维码关注360CERT!谢谢你的关注!

360-CERT每日安全简报(2020-08-25)

注:360CERT官方网站提供 《360-CERT每日安全简报(2020-08-25)》 完整详情,点击阅读原文


发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: