1、GoblinPanda组织的一个样本分析。跟8月低卡巴的报告可以一起看。C2:jkncj.com
https://medium.com/@Sebdraven/rtf-royal-road-drops-a-new-backdoor-mfc-and-links-with-goblin-panda-90db06f80611
2、通过分析DNS活动发现可疑的APT行为,论文,研究用。
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7038486/
3、BuggleBoys……我我我我……不认识,哈哈哈哈
https://www.cert.ug/financial-sector-security-advisory
4、Evilnum
https://www.cybereason.com/blog/no-rest-for-the-wicked-evilnum-unleashes-pyvil-rat
技术分享
1、OSINT,监控火灾……同样可以做地理图谱监控,对老美的。
https://www.thefuldagap.com/2019/07/25/osint-wildfire-monitoring-tools/
2、Search Engine Improvements。shodan改进
https://blog.shodan.io/search-engine-improvements/
3、恶意软件规则,可以用在产品或者其他地方。
https://github.com/elastic/detection-rules/tree/main/rules/azure
漏洞相关
1、疑似一个宝贝:Windows 10沙盒Hyper-V激活小范围有零日漏洞
https://www.bleepingcomputer.com/news/security/windows-10-sandbox-activation-enables-zero-day-vulnerability/
2、MoFi Routers漏洞
https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/
3、RCE,Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN
https://cve.circl.lu/cve/CVE-2020-2498
4、??????????????????????
https://www.ehackingnews.com/2020/09/chinese-hackers-targeted-about-five.html
网络战与网络情报
1、澳大利亚傻逼智库分析tiktok和wechat与兔子关系。看一下他们的思路方向,不能太相信这个报告。
https://www.aspi.org.au/report/tiktok-wechat
https://s3-ap-southeast-2.amazonaws.com/ad-aspi/2020-09/PB37-TikTok%20and%20WeChat%20-%20Curating%20and%20contolling%20global%20information%20flows.pdf
2、关注日本赛博安全的看过来:Japan’s National Cybersecurity and Defense Posture
https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/Cyber-Reports-2020-08-Japans-national-cybersecurity-defense-posture.pdf
3、陆军针对攻击性网络,信息战推出黑客总部
https://breakingdefense.com/2020/09/army-unveils-hacker-hq-for-offensive-cyber-info-war/
广告时间
360威胁情报中心TI新版上线
https://ti.360.cn
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论