漏洞 Vulnerability
CVE-2019-16219: WordPress Gutenberg编辑器XSS漏洞导致代码执行
https://threatpost.com/wordpress-xss-drive-by-code-execution/148324/
CVE-2019-0207: Apache Tapestry 5.4.2路径穿越漏洞
https://seclists.org/oss-sec/2019/q3/229?utm_source=dlvr.it&utm_medium=twitter
安全工具 Security Tools
Stegify – 用于LSB隐写术的工具,能够隐藏任何文件至图像中
http://feedproxy.google.com/~r/PentestTools/~3/l2fNzJLNH5Q/stegify-go-tool-for-lsb-steganography.html
Sandboxie – 在隔离环境中安全运行任何应用程序的免费工具
https://gbhackers.com/sandboxie/
安全资讯 Security Information
胡塞叛乱分子声称伊朗对沙特石油设施进行袭击
https://www.theguardian.com/world/2019/sep/14/pompeo-iran-saudi-arabia-oil-yemen-houthi
安全研究 Security Research
AWS攻防: 将存在信息泄露的存储桶引入OSINT工作流
https://blog.malwarebytes.com/researchers-corner/2019/09/hacking-with-aws-incorporating-leaky-buckets-osint-workflow/
如何破解忘记了一部分的密码
https://www.engadget.com/2019/09/13/forgot-password-ethereum-cryptocurrency-lost-expandpass/
供应链攻击的演变和未来
https://twitter.com/kaspersky/status/1172853778338500615/photo/1
恶意软件 Malware
Nemty勒索软件更新增加用于终止进程和服务的代码
https://www.bleepingcomputer.com/news/security/nemty-ransomware-update-lets-it-kill-processes-and-services/
InnfiRAT木马从比特币和莱特币钱包中窃取资金
https://securityaffairs.co/wordpress/91230/breaking-news/innfirat-malware-cryptocurrency.html
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论