漏洞 Vulnerability Apache ActiveMQ 5.11.1目录遍历/ Shell上传 https://cxsecurity.com/issue/WLB-2020030033 Comtrend VR-3033命令注入漏洞 https://www.cnvd.org.cn/flaw/show/CNVD-2020-15983 安全工具 Security Tools HoneyBot-捕获，上传和分析网络流量 https://www.kitploit.com/2020/03/honeybot-capture-upload-and-analyze.html NTLMRecon-一种从启用了NTLM身份验证的Web端点枚举信息的工具 https://www.kitploit.com/2020/03/ntlmrecon-tool-to-enumerate-information.html 恶意软件 Malware https://securityaffairs.co/wordpress/99156/cyber-crime/coronavirus-spam-campaign.html 以冠状病毒为主题的新垃圾邮件活动发送了FormBook恶意软件 安全事件 Security Incident Zoho的0-day漏洞poc被披露 https://threatpost.com/critical-zoho-zero-day-flaw-disclosed/153484/ 安全资讯 Security Information Netgear修复了可能允许收购旗舰Nighthawk路由器的重要RCE https://securityaffairs.co/wordpress/99177/security/netgear-flagship-nighthawk-router-rce.html Facebook起诉Namecheap以保护人们免受域名欺诈 https://securityaffairs.co/wordpress/99138/social-networks/facebook-namecheap-domain-name-fraud.html 安全研究 Security Research 使用GitHub Actions进行进攻性开发 https://www.mdsec.co.uk/2020/03/offensive-development-with-github-actions/ Molerats向政府和电信组织提供后门服务 https://unit42.paloaltonetworks.com/molerats-delivers-spark-backdoor/