漏洞 Vulnerability
CVE-2020-0022: 安卓设备蓝牙漏洞,攻击者无需任何用户交互即可发起RCE攻击
https://threatpost.com/critical-android-bluetooth-bug-enables-rce-no-user-interaction-needed/152699/
Cisco Discovery Protocol (CDP) 5个0day
https://www.armis.com/cdpwn/
恶意软件 Malware
Emotet的WIFI蠕虫模块能够入侵附近的Wi-Fi网络以传播给新受害者
https://www.bleepingcomputer.com/news/security/emotet-hacks-nearby-wi-fi-networks-to-spread-to-new-victims/
安全事件 Security Incident
针对境外黑客宣称攻击境内视频监控系统事件通告
https://cert.360.cn/warning/detail?id=af0b92fa42436cf5ffe64111d69e6e2c
暗网出售五十万印度人的支付卡数据
https://www.hackread.com/dark-web-hackers-selling-indian-payment-card-data/
Facebook的Twitter帐户被臭名昭著的OurMine黑客组织劫持
https://www.grahamcluley.com/facebooks-twitter-account-is-hijacked-by-notorious-ourmine-hacking-group/
巴西一家在线票务公司FutebolCard泄露了25GB当地球迷隐私数据
https://www.zdnet.com/article/brazilian-firm-exposes-personal-details-of-thousands-of-soccer-fans/
安全资讯 Security Information
PayPal SMS骗局
https://nakedsecurity.sophos.com/2020/02/05/paypal-sms-scams-dont-fall-for-them/
马斯特里赫特大学勒索软件攻击事件背后的TA505黑客
https://www.bleepingcomputer.com/news/security/ta505-hackers-behind-maastricht-university-ransomware-attack/
安全研究 Security Research
Docker Registry 的错误配置带来的危害
https://www.bleepingcomputer.com/news/security/misconfigured-docker-registries-expose-orgs-to-critical-risks/
WAF对WebShell流量检测的性能分析
https://www.freebuf.com/articles/web/226053.html
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论