漏洞 Vulnerability
CVE-2019-11931:WhatsApp RCE漏洞
https://twitter.com/bishopfox/status/1195763538028969984
EDB-ID 47653:gSOAP 2.8目录穿越漏洞
https://www.exploit-db.com/exploits/47653
TP-Link VR300v1存储型XSS
https://seclists.org/fulldisclosure/2019/Nov/10
安全工具 Security Tools
Jaeles – 用于自动Web应用程序测试的安全工具
http://feedproxy.google.com/~r/PentestTools/~3/zlWjrZURDRo/jaeles-swiss-army-knife-for-automated.html
安全事件 Security Incident
未授权数据库暴露了9300万个滥用药物患者的文件
https://www.scmagazine.com/home/health-care/open-database-exposes-93m-files-on-patients-of-substance-abuse-facilities/
恶意软件 Malware
RDP远程漏洞(CVE-2019-0708)被发现野外利用来挖矿
https://www.freebuf.com/articles/system/218963.html
Zscaler披露两款通过伪造安全更新进行植入的木马
https://www.zscaler.com/blogs/research/netsupport-rat-installed-fake-update-notices
安全资讯 Security Information
天府杯黑客大赛:Chrome, Edge, Safari均被攻破
https://www.zdnet.com/article/chrome-edge-safari-hacked-at-elite-chinese-hacking-contest/
大量被盗迪士尼在黑客论坛出售
https://twitter.com/Dinosn/status/1195745314260619265
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论