漏洞 Vulnerability
CVE-2019-1003030: Jenkins 2.63 沙箱绕过
https://cxsecurity.com/issue/WLB-2020100124
CVE-2020-16952: Microsoft SharePoint SSI / ViewState 远程代码执行
https://cxsecurity.com/issue/WLB-2020100123
CVE-2020-17022: Microsoft Windows Codecs Library 远程代码执行
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17022
安全资讯 Security Information
GravityRAT间谍软件的目标是印度的Android和MacOS设备
https://www.darkreading.com/attacks-breaches/gravityrat-spyware-targets-android-and-macos-in-india/d/d-id/1339218
Microsoft Exchange, Outlook 遭到apt组织围攻
https://threatpost.com/microsoft-exchange-outlook-apts/160273/
这个新的恶意软件使用远程覆盖攻击劫持你的银行帐户
https://www.zdnet.com/article/this-new-malware-uses-remote-overlay-attacks-to-hijack-your-bank-account/
安全研究 Security Research
域渗透之SPN
https://www.anquanke.com/post/id/219934
DrayTek Vigor 2960 从未授权到rce
https://bestwing.me/drayteck-vigor-vulnerability-d%1Disclosure.html
攻击者如何利用二维码及如何降低二维码风险
https://www.csoonline.com/article/3584773/how-attackers-exploit-qr-codes-and-how-to-mitigate-the-risk.html
KimSuky各类攻击手法浅析
https://www.anquanke.com/post/id/219593
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论