漏洞 Vulnerability
CVE-2020-5410: Spring Cloud Config Server 目录遍历漏洞通告
https://cert.360.cn/warning/detail?id=005b0371f251e8e397836bcc6baff8dc
(更新)远程利用POC公布|CVE-2020-0796:微软发布SMBv3协议“蠕虫级”漏洞补丁通告
https://cert.360.cn/warning/detail?id=d7e05fde363cf38ead4761a04caefd87
安全资讯 Security Information
最新的AWS钓鱼活动已让全球数百万用户处于安全威胁之下
https://www.anquanke.com/post/id/207401
移动网络钓鱼攻击急剧增加
https://www.darkreading.com/mobile/mobile-phishing-attacks-increase-sharply/d/d-id/1337982?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
Apple修复了登录错误可能启用对第三方帐户的劫持
https://www.scmagazine.com/home/security-news/vulnerabilities/fixed-apple-sign-in-bug-could-have-enabled-hijacking-of-3rd-party-accounts/
苹果越狱零日补丁
https://packetstormsecurity.com/news/view/31258/Apple-Jailbreak-Zero-Day-Gets-A-Patch.html
8Belts公开了全球100,000个在线学习者的个人数据
https://www.hackread.com/8belts-exposes-data-of-100000-e-learners/
VMware Cloud Director中的关键漏洞使黑客可以接管公司的基础架构
https://securityaffairs.co/wordpress/104157/hacking/vmware-cloud-director-flaw.html
Sodinokibi勒索软件泄露从英国电力交易机构Elexon窃取的文件
https://securityaffairs.co/wordpress/104149/cyber-crime/sodinokibi-published-elexon-files.html
安全研究 Security Research
后堆栈时代的信息泄露漏洞挖掘思路
https://www.freebuf.com/vuls/237398.html
SMB RPC类漏洞攻防对抗系列:利用SMB_COM_WRITE_ANX分割PRC流量特征
https://www.freebuf.com/vuls/235800.html
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论