3月5日每日安全热点 - Fireeye发现与Solarwinds行动相关的新恶意软件

Inspired by 360CERT

漏洞 Vulnerability

Supermicro修复Trickboot攻击

https://www.bleepingcomputer.com/news/security/supermicro-pulse-secure-release-fixes-for-trickboot-attacks/

 

VMWare修复View Planner RCE漏洞

https://www.bleepingcomputer.com/news/security/vmware-releases-fix-for-severe-view-planner-rce-vulnerability/

 

恶意软件 Malware

 

安全研究 Security Research

勒索软件安全防护分析

https://research.nccgroup.com/2021/03/04/deception-engineering-exploring-the-use-of-windows-service-canaries-against-ransomware/

 

安全工具 Security Tools

Wubes：Windows沙箱安全工具

https://research.nccgroup.com/2021/03/03/wubes-leveraging-the-windows-10-sandbox-for-arbitrary-processes/

 

安全资讯 Security Information

DHS下令紧急更新Exchange

https://www.bleepingcomputer.com/news/security/dhs-orders-agencies-to-urgently-patch-or-disconnect-exchange-servers/

 

安全报告 Security Report

Fireeye发现与Solarwinds行动相关的新恶意软件

https://www.bleepingcomputer.com/news/security/fireeye-finds-new-malware-likely-linked-to-solarwinds-hackers/

 

安全专家统计勒索软件涉及行业价值已超十亿美元并快速增长

https://www.bleepingcomputer.com/news/security/ransomware-is-a-multi-billion-industry-and-it-keeps-growing/

 

安全事件 Security Incident

Maza黑客论坛遭黑客攻击

https://www.bleepingcomputer.com/news/security/maza-forum-hacked-in-recent-attacks-targeting-cybercrime-forums/

 

SendGrid遭攻击并被利用窃取凭证

https://www.bleepingcomputer.com/news/security/hacked-sendgrid-accounts-used-in-phishing-attacks-to-steal-logins/

 

安全客 Security Geek

恶意框架样本分析-从Veil到Msf

https://www.anquanke.com/post/id/231447