漏洞 Vulnerability
CVE-2019-11043: PHP-FPM在Nginx特定配置下任意代码执行漏洞预警
https://cert.360.cn/warning/detail?id=62906fc8ae4629c32223ac7258e12555
CVE-2019-10462 Jenkins Dynatrace应用监控插件2.1.3 CSRF漏洞
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10462
安全工具 Security Tools
LetsMapYourNetwork:一款物理网络可视化工具
https://www.freebuf.com/sectool/215127.html
BlackHat 2019工具库-BLACKPHENIX-恶意软件分析自动化框架
http://feedproxy.google.com/~r/fortinet/blog/threat-research/~3/xj_HnX4lnuw/blackhat-black-phenix-framework.html
安全事件 Security Incident
Avast安全分析:导致CCleaner失窃的VPN凭证
https://www.databreachtoday.com/avast-stolen-vpn-credentials-led-to-ccleaner-attack-redux-a-13283
美国某保健医院遭受钓鱼攻击12.9万病人信息泄露
https://securityboulevard.com/2019/10/hospital-leaks-129k-patient-records-in-sophisticated-phishing-scam/
安全资讯 Security Information
Office 365将恶意软件ZAP添加到安全监测中心
https://www.bleepingcomputer.com/news/security/office-365-adds-malware-zap-toggle-to-security-and-compliance-center/
美国FBI发布有关抵制电子盗版的文章
https://www.us-cert.gov/ncas/current-activity/2019/10/23/fbi-releases-article-defending-against-e-skimming
美国联邦委员发布Retina-X应用禁令严厉打击“跟踪软件”
https://www.freebuf.com/news/217716.html
安全研究 Security Research
探索CND上的DDoS攻击: 缓存投毒导致拒绝服务
https://securityaffairs.co/wordpress/92859/hacking/cpdos-attack-cdns.html
NukeSped RATs恶意工具深度分析
http://feedproxy.google.com/~r/fortinet/blog/threat-research/~3/QqmLFUy4jXo/deep-analysis-nukesped-rat.html
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论