漏洞 Vulnerability
CVE-2020-1730:libssh拒绝服务漏洞
https://www.libssh.org/security/advisories/CVE-2020-1730.txt
CVE-2020-10882: TP-Link 命令注入漏洞通告
https://cert.360.cn/warning/detail?id=ea0df6b0ad71ae8540e9582ff74b7a60
Symantec Web Gateway 5.0.2.8远程代码执行漏洞
https://twitter.com/wugeej/status/1248052787302170626
安全工具 Security Tools
sandboxie开源了
https://www.sandboxie.com/
RetDec v4.0发布了
https://engineering.avast.io/retdec-v4-0-is-out/
Chromepass – 破解Chrome保存密码的工具
https://www.kitploit.com/2020/04/chromepass-hacking-chrome-saved.html
Eavesarp – 分析ARP请求以识别相互通信的主机和陈旧的网络地址配置
https://www.kitploit.com/2020/04/eavesarp-analyze-arp-requests-to.html
安全资讯 Security Information
google的新书Building Secure and Reliable Systems
https://www.google.com.hk/books/edition/Building_Secure_and_Reliable_Systems/Kn7UxwEACAAJ?hl=en
安全研究 Security Research
一种ETW bypass方式
https://modexp.wordpress.com/2020/04/08/red-teams-etw/
对利用COVID-19的APT活动的总结
https://blog.malwarebytes.com/threat-analysis/2020/04/apts-and-covid-19-how-advanced-persistent-threats-use-the-coronavirus-as-a-lure/
恶意软件 Malware
对2020年3月流行的恶意代码和漏洞利用的总结
https://blog.checkpoint.com/2020/04/09/march-2020s-most-wanted-malware-dridex-banking-trojan-ranks-on-top-malware-list-for-first-time/
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论