3月15日每日安全热点 - 美国起诉Sky Global CEO

Inspired by 360CERT

漏洞 Vulnerability

Exchange漏洞现新PoC

https://www.bleepingcomputer.com/news/security/new-poc-for-microsoft-exchange-bugs-puts-attacks-in-reach-of-anyone/

 

Linux内核iSCSI子系统漏洞可实现本地提权

https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html?m=1

 

Google修复本月第二个Chrome 0day

https://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193

 

恶意软件 Malware

Google公开针对浏览器JS引擎的Spectre PoC

https://leaky.page/

 

安全研究 Security Research

扫描配咖啡 一天时间没

https://cmpxchg16.medium.com/scan-the-whole-internet-while-drinking-coffee-9c4085539594

 

因特尔微码结构逆向

https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9197630

 

安全资讯 Security Information

美国起诉Sky Global CEO

https://www.bleepingcomputer.com/news/security/ceo-of-sky-global-encrypted-chat-platform-indicted-by-us/

 

Twitter推广被利用传播钓鱼内容

https://www.bleepingcomputer.com/news/security/scammers-promote-fake-cryptocurrency-giveaways-via-twitter-ads/

 

安全报告 Security Report

OVH负责人称UPS电源故障可能是起火原因

https://www.bleepingcomputer.com/news/security/ovh-data-center-fire-likely-caused-by-faulty-ups-power-supply/

 

安全事件 Security Incident

安全人员通过git泄露攻破印度政府网站

https://www.bleepingcomputer.com/news/security/researchers-hacked-indian-govt-sites-via-exposed-git-and-env-files/

 

安全客 Security Geek

Internet Explorer漏洞分析(三)——CVE-2014-6332

https://www.anquanke.com/post/id/233824

(完)