2月22日每日安全热点 - 美国国防部披露了DISA的数据泄露事件

360安全客 安全资讯 92817 4

漏洞 Vulnerability
fastjson<=1.2.62远程代码执行漏洞通告
https://cert.360.cn/warning/detail?id=1c87b2d640e3c0205153d21d3b28e4f1
CVE-2020-3765、CVE-2020-3764: Adobe修补媒体编码器和After Effects的严重漏洞
https://thehackernews.com/2020/02/adobe-software-updates.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29
CVE-2020-8840: FasterXML/jackson-databind 远程代码执行漏洞通告
https://cert.360.cn/warning/detail?id=1fe3b5ea888750006e0d64fb0df1e6ee
安全资讯 Security Information
因云端配置错误而导致的数据泄露
https://www.ehackingnews.com/2020/02/334-billion-records-exposed-in-breaches.html
RSAC 2020:“Human Element”主题永不过时的三个原因
https://www.freebuf.com/articles/network/227934.html
安全事件 Security Incident
美国国防部披露了DISA的数据泄露事件
https://www.zdnet.com/article/dod-disa-discloses-data-breach/#ftag=RSSbaffb68
Slickwraps数据泄露泄露财务和客户信息
https://www.bleepingcomputer.com/news/security/slickwraps-allegedly-hacked-financial-and-customer-info-exposed/
安全研究 Security Research
CVE-2020-1938 : Tomcat-Ajp 协议漏洞分析
https://cert.360.cn/report/detail?id=b288a58746306f38691d49df846a4374
鲜为人知的社会工程技巧
https://securityboulevard.com/2020/02/lesser-known-social-engineering-tricks/
有关“透明部落行动”最新行动的分析
https://securityaffairs.co/wordpress/98249/apt/operation-transparent-tribe-pakistan-india.html
xHunt利用科威特政府网站攻击分析
https://www.freebuf.com/articles/network/226630.html
(完)