2月19日每日安全热点 - Azure、Exchange部分源码在Solarwinds行动中被窃

阅读量152686

发布时间 : 2021-02-19 09:30:51

Inspired by 360CERT

漏洞 Vulnerability

以太坊DoS漏洞

https://adalogics.com/blog/the-importance-of-continuity-in-fuzzing-cve-2020-28362

 

安全研究 Security Research

供应链攻击现状

https://github.com/hardenedlinux/cheap-pcb/blob/main/cheap-pcb-story.md

 

中间件安全配置杂谈

https://labs.detectify.com/2021/02/18/middleware-middleware-everywhere-and-lots-of-misconfigurations-to-fix/

 

行为控制图像扫描识别

https://sysdig.com/blog/image-scanning-admission-controller/

 

第三方网络安全之用户输入

https://adtechmadness.wordpress.com/2021/02/18/all-your-are-belong-to-me/

 

安全报告 Security Report

Azure、Exchange部分源码在Solarwinds行动中被窃

https://www.bleepingcomputer.com/news/microsoft/microsoft-solarwinds-hackers-downloaded-some-azure-exchange-source-code/

 

FBI对电话拒绝服务攻击发出预警

https://www.bleepingcomputer.com/news/security/fbi-telephony-denial-of-service-attacks-can-lead-to-loss-of-lives/

 

FBI分享朝鲜窃取加密货币行动细节

https://www.bleepingcomputer.com/news/security/us-shares-info-on-north-korean-malware-used-to-steal-cryptocurrency/

 

安全事件 Security Incident

RIPE NCC发布通告称遭到网络攻击

https://www.bleepingcomputer.com/news/security/ripe-ncc-internet-registry-discloses-sso-credential-stuffing-attack/

 

Google Apps被滥用以绕过CSP

https://www.bleepingcomputer.com/news/security/hackers-abuse-google-apps-script-to-steal-credit-cards-bypass-csp/

 

安全客 Security Geek

CVE-2021-3156 sudo heap-based bufoverflow 复现&分析

https://www.anquanke.com/post/id/231408

本文由安全客原创发布

转载,请参考转载声明,注明出处: https://www.anquanke.com/post/id/231629

安全KER - 有思想的安全新媒体

分享到:微信
+10赞
收藏
安全客
分享到:微信

发表评论

Copyright © 北京奇虎科技有限公司 三六零数字安全科技集团有限公司 安全KER All Rights Reserved 京ICP备08010314号-66