安全工具 Security Tools
Kuiper:数字调查平台
https://github.com/DFIRKuiper/Kuiper
安全资讯 Security Information
NordVPN用户的凭证泄漏并流传于在线论坛上
https://arstechnica.com/information-technology/2019/11/nordvpn-users-passwords-exposed-in-mass-credential-stuffing-attacks/
Google已对在野Chrome漏洞进行修补
https://www.bleepingcomputer.com/news/security/chrome-zero-day-bug-with-exploit-in-the-wild-gets-a-patch/
ElasticSearch数据库因配置错误暴露了将近750万Adobe Creative Cloud用户记录
https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/misconfigured-elasticsearch-database-exposed-almost-7-5-million-adobe-creative-cloud-users-records?utm_source=trendmicroresearch&utm_medium=smk&utm_campaign=1019_elasticsearch
安全研究 Security Research
始于ZDI-CAN-8807的挖洞故事
https://www.zerodayinitiative.com/blog/2019/10/31/the-little-bitmap-that-couldnt
恶意软件 Malware
Corona bot分析
https://maxkersten.nl/binary-analysis-course/malware-analysis/corona-ddos-bot/
WIZARD SPIDER为Ryuk添加了新功能,用于在局域网上定位主机
https://www.crowdstrike.com/blog/wizard-spider-adds-new-feature-to-ryuk-ransomware/
安全报告 Security Report
CVE-2019-13720漏洞在野利用分析
https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
欺诈,黑客和网络攻击:对电子竞技行业的威胁
https://documents.trendmicro.com/assets/white_papers/wp-threats-to-the-esports-industry-in-2019-and-beyond.pdf
NCSC2019年度回顾
https://www.ncsc.gov.uk/annual-review/2019/ncsc/docs/ncsc_2019-annual-review.pdf
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论