漏洞 Vulnerability
CVE-2019-6188:联想个别版本BIOS篡改检测机制未触发导致可能未经授权访问
https://twitter.com/CVEnew/status/1194370736997228545
CVE-2019-3648:McAfee反病毒软件漏洞
https://go.theregister.co.uk/feed/www.theregister.co.uk/2019/11/12/mcafee_av_vulnerability/
CVE-2019-15815:ZyXEL P-1302-T10D v3未授权访问漏洞
https://twitter.com/CVEnew/status/1194310326638055424
安全工具 Security Tools
记一次编写域账号弱口令审计工具
https://www.freebuf.com/sectool/219636.html
ThreatIngestor:一款功能强大的威胁情报提取和聚合工具
https://www.freebuf.com/sectool/218725.html
恶意软件 Malware
深入分析近期活跃Emotet家族木马
https://www.anquanke.com/post/id/190180
安全事件 Security Incident
telegram软件MTProxy服务器用于DDoS伊朗云提供商
https://www.bleepingcomputer.com/news/security/telegram-mtproxy-servers-used-to-ddos-iranian-cloud-provider/
安全资讯 Security Information
2020 ICS大会Singapore会议启动
http://feedproxy.google.com/~r/Securityweek/~3/vibXWlpLfnU/call-papers-securityweeks-2020-singapore-ics-cyber-security-conference
墨西哥Pemex石油公司遭受勒索攻击490万美元
https://www.bleepingcomputer.com/news/security/mexicos-pemex-oil-suffers-ransomware-attack-49-million-demanded/
安全研究 Security Research
APT组织Lazarus2019年行动回顾
https://otx.alienvault.com/pulse/5dcad59a712e041c70ca7fcb
威胁捕获效率与EDR的选择
https://securingtomorrow.mcafee.com/business/endpoint-security/threat-hunting-or-efficiency-pick-your-edr-path/
Java反序列化利用链分析之CommonsCollections3
https://www.anquanke.com/post/id/190461
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论