2月12日每日安全热点- Avaddon勒索软件修复了可以免费解密的漏洞

Inspired by 360CERT

漏洞 Vulnerability

10万WP站点恐因Buggy插件被接管

https://www.bleepingcomputer.com/news/security/buggy-wordpress-plugin-exposes-100k-sites-to-takeover-attacks/

 

平底锅PanOS漏洞

https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/

 

恶意软件 Malware

Trickbot为规避杀软改用Nim编程

https://www.bleepingcomputer.com/news/security/trickbots-bazarbackdoor-malware-is-now-coded-in-nim-to-evade-antivirus/

 

安全研究 Security Research

Sharepoint渗透教学

https://www.crummie5.club/the-lone-sharepoint/

 

Windows 10 线程安全研究

https://blog.syscall.party/post/windows-10-stealthy-threads/

安全资讯 Security Information

Telegram再出事故

https://www.inputzero.io/2020/12/telegram-privacy-fails-again.html

 

Chess.com与五千万用户数据的安全风险

https://samcurry.net/hacking-chesscom/

安全事件 Security Incident

Avaddon勒索软件修复了可以免费解密的漏洞

https://www.bleepingcomputer.com/news/security/avaddon-ransomware-fixes-flaw-allowing-free-decryption/

 

企业网络访问权限在黑客市场一降再降

https://www.bleepingcomputer.com/news/security/hackers-ask-only-1-500-for-access-to-breached-company-networks/