漏洞 Vulnerability
在万圣节之夜,Google公开了在野外利用Chrome零日漏洞的信息
https://www.zdnet.com/article/halloween-scare-google-discloses-chrome-zero-day-exploited-in-the-wild/
Chrome的CVE-2019-13720安全漏洞在Operation Wizard中被利用
https://securityaffairs.co/wordpress/93278/hacking/cve-2019-13720-lazarus-attacks.html
安全工具 Security Tools
Fenrir:一款功能强大的BASH IoC扫描器
https://www.freebuf.com/sectool/216061.html
安全报告 Security Report
2019年上半年基于网络的威胁报告
https://unit42.paloaltonetworks.com/web-based-threats-first-half-2019/
通过Whatsapp定位的20个国家/地区的官员
https://www.databreachtoday.com/govt-officials-in-20-nations-targeted-via-whatsapp-report-a-13337
看门狗警告说,面部识别可能是有史以来最具侵入性的警务技术
https://www.zdnet.com/article/facial-recognition-could-be-most-invasive-policing-technology-ever-warns-watchdog/
安全事件 Security Incident
Uber和Lynda.com骇客案中的两人认罪
https://www.scmagazine.com/home/security-news/legal-security-news/two-guilty-pleas-in-uber-and-lynda-com-hacking-case/
Web注册服务商三重漏洞泄露2200万个帐户
https://www.databreachtoday.com/trio-web-registrars-disclose-22-million-accounts-breached-a-13332
知名Web域名注册商遭黑客攻击,导致客户信息泄露
https://www.freebuf.com/news/218772.html
Red Hat Process Automation在最新版本中添加了预测建模
https://twitter.com/a_purkait/status/1190290149105528833
恶意软件 Malware
数以千计的QNAP NAS设备已感染QSnatch恶意软件
https://www.oodaloop.com/briefs/2019/11/01/thousands-of-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/
Gafgyt恶意软件感染无线路由器并扩招到僵尸网络以攻击游戏服务器
https://gbhackers.com/gafgyt-malware/
Gafgyt botnet变体带有DDoS攻击的广受欢迎的Fortnite针对TF2之类的游戏以
https://twitter.com/151satoshi/status/1190230393833832449
安全研究 Security Research
提高安全意识:为什么工具不能替代人
https://www.darkreading.com/operations/raising-security-awareness-why-tools-cant-replace-people/a/d-id/1336189?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论