Inspired by 360CERT

漏洞 Vulnerability

Adobe修复ColdFusion代码执行漏洞

https://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion/

 

OpenSSL将发布安全更新

https://securitythreatnews.com/2021/03/22/openssl-will-release-a-high-priority-update-on-thursday-march-25/

 

恶意软件 Malware

Black Kingdom利用Exchange漏洞部署勒索软件

https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-now-targeted-by-black-kingdom-ransomware/

 

安全研究 Security Research

PDF隐藏数据安全

https://arxiv.org/abs/2103.02707

 

隐藏书签技术

https://jstrieb.github.io/projects/hidden-bookmarks/

 

绕过安全过滤技术

https://www.secjuice.com/bypass-strict-input-validation-with-remove-suffix-and-prefix-pattern/

 

安全工具 Security Tools

pymisp的Go语言版

https://github.com/KaanSK/Go-MISPFeedGenerator

 

安全事件 Security Incident

MangaDex遭攻击临时关闭

https://www.bleepingcomputer.com/news/security/mangadex-manga-site-temporarily-shut-down-after-cyberattack/

 

Shell披露网络攻击与数据泄露

https://www.bleepingcomputer.com/news/security/energy-giant-shell-discloses-data-breach-after-accellion-hack/

 

安全客 Security Geek

TinyInst动态插桩工具原理分析

https://www.anquanke.com/post/id/234925

文章原文链接:https://www.anquanke.com/post/id/235512