Vulnerability
CVE-2020-0796 (SMBGhost): Analysis of the "Wormable" SMBv3 Protocol Vulnerability and a Guide to Writing a PoC
https://ricercasecurity.blogspot.com/2020/04/ill-ask-your-body-smbghost-pre-auth-rce.html
CVE-2020-8835: Analysis of the Linux Kernel Information Leak / Privilege Escalation Vulnerability
https://mp.weixin.qq.com/s/XteBFMBI_j8R6uateNK_YQ
CVE-2020-1967: Segmentation Fault in SSL_check_chain
https://www.openssl.org/news/secadv/20200421.txt
Multiple Foxit PDF Reader and PhantomPDF Vulnerabilities Disclosed That Can Lead to Remote Code Execution
https://threatpost.com/foxit-pdf-reader-phantompdf-remote-code-execution/154942/
Multiple 0-Days Disclosed in IBM Data Risk Manager
https://seclists.org/fulldisclosure/2020/Apr/33
Security Report
How to Build an Efficient Rule Engine for Complex Risk-Control Scenarios
https://www.secpulse.com/archives/128906.html
Security Information
FireEye: Building Vulnerability Management at Mandiant Intelligence, the Vulnerability Rating Part
https://www.fireeye.com/blog/threat-research/2020/04/how-mandiant-intelligence-rates-vulnerabilities.html
Hacker Returns $25 Million After Their IP Address Is Exposed
https://www.hackread.com/hacker-returns-25m-after-ip-address-exposed/
Security Research
WebLogic T3 Protocol: Echoing Responses Through NAT and Obtaining Internal Network Addresses
https://paper.seebug.org/1180/
A Defender's Guide to Rootkit Detection
https://labs.jumpsec.com/2020/04/20/a-defenders-guide-for-rootkit-detection-episode-1-kernel-drivers/
Domain Penetration: DNS Records and MachineAccount
https://3gstudent.github.io/3gstudent.github.io/
Malware
A Collection of Mobile Malware Linked to APT Espionage Activity
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/mobile-malware-report.pdf
Trend Micro: Gamaredon APT Group Uses Covid-19 as a Lure in Its Latest Campaigns
https://blog.trendmicro.com/trendlabs-security-intelligence/gamaredon-apt-group-use-covid-19-lure-in-campaigns/
PoetRAT: A Python RAT Using COVID-19 as a Lure to Attack Azerbaijan's Public and Private Sectors
https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html
Cyberattack Campaign Targeting Syria with COVID-19 Lures Disclosed
https://blog.lookout.com/nation-state-mobile-malware-targets-syrians-with-covid-19-lures
Phishing Campaign Using a Slack Referrer URL Exposed
https://perception-point.io/resources/incident-reports/phishing-attempt-using-slack-referrer-url/