今日威胁情报2020/9/6-8(第299期)

  • A+
所属分类:安全新闻

今日威胁情报2020/9/6-8(第299期)


高级威胁分析
今日威胁情报2020/9/6-8(第299期)


1、GoblinPanda组织的一个样本分析。跟8月低卡巴的报告可以一起看。C2:jkncj.com

https://medium.com/@Sebdraven/rtf-royal-road-drops-a-new-backdoor-mfc-and-links-with-goblin-panda-90db06f80611


2、通过分析DNS活动发现可疑的APT行为,论文,研究用。

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7038486/


3、BuggleBoys……我我我我……不认识,哈哈哈哈

今日威胁情报2020/9/6-8(第299期)

https://www.cert.ug/financial-sector-security-advisory


4、Evilnum

https://www.cybereason.com/blog/no-rest-for-the-wicked-evilnum-unleashes-pyvil-rat


技术分享
今日威胁情报2020/9/6-8(第299期)


1、OSINT,监控火灾……同样可以做地理图谱监控,对老美的。

https://www.thefuldagap.com/2019/07/25/osint-wildfire-monitoring-tools/


2、Search Engine Improvements。shodan改进

https://blog.shodan.io/search-engine-improvements/


3、恶意软件规则,可以用在产品或者其他地方。

今日威胁情报2020/9/6-8(第299期)

https://github.com/elastic/detection-rules/tree/main/rules/azure


漏洞相关
今日威胁情报2020/9/6-8(第299期)


1、疑似一个宝贝:Windows 10沙盒Hyper-V激活小范围有零日漏洞

https://www.bleepingcomputer.com/news/security/windows-10-sandbox-activation-enables-zero-day-vulnerability/


2、MoFi Routers漏洞

今日威胁情报2020/9/6-8(第299期)

https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers/


3、RCE,Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN
https://cve.circl.lu/cve/CVE-2020-2498


4、??????????????????????

今日威胁情报2020/9/6-8(第299期)

https://www.ehackingnews.com/2020/09/chinese-hackers-targeted-about-five.html


网络战与网络情报
今日威胁情报2020/9/6-8(第299期)


1、澳大利亚傻逼智库分析tiktok和wechat与兔子关系。看一下他们的思路方向,不能太相信这个报告。

今日威胁情报2020/9/6-8(第299期)

https://www.aspi.org.au/report/tiktok-wechat

https://s3-ap-southeast-2.amazonaws.com/ad-aspi/2020-09/PB37-TikTok%20and%20WeChat%20-%20Curating%20and%20contolling%20global%20information%20flows.pdf


2、关注日本赛博安全的看过来:Japan’s National Cybersecurity and Defense Posture

今日威胁情报2020/9/6-8(第299期)

https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/Cyber-Reports-2020-08-Japans-national-cybersecurity-defense-posture.pdf


3、陆军针对攻击性网络,信息战推出黑客总部

https://breakingdefense.com/2020/09/army-unveils-hacker-hq-for-offensive-cyber-info-war/


今日威胁情报2020/9/6-8(第299期)

广告时间

360威胁情报中心TI新版上线

https://ti.360.cn


今日威胁情报2020/9/6-8(第299期)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: