February 23 Daily Security Highlights - Clop Ransomware Carries Out Targeted Attacks on Multiple Enterprises

Inspired by 360CERT

Vulnerability

Windows Server 2012 DLL Hijacking

https://blog.vonahi.io/srclient-dll-hijacking/?test=test

 

Zoom Keybase Vulnerability Leaves Images Undeletable

https://johnjhacking.com/blog/cve-2021-23827/

 

Malware

Silver Sparrow Infects Tens of Thousands of Macs, Purpose Currently Unknown

https://www.bleepingcomputer.com/news/security/new-silver-sparrow-malware-infects-30-000-macs-for-unknown-purpose/

 

Security Research

NetNTLM for Red Teams

https://www.mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/

 

COFFLoader: Building an In-Memory Loader

https://www.trustedsec.com/blog/coffloader-building-your-own-in-memory-loader-or-how-to-run-bofs/

 

Windows IPC Part.2

https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html

 

Log Security in Cloud Environments

https://marcolancini.it/2021/blog-security-logging-cloud-environments-aws/

 

Security Incident

Texas Electric Company Warns Customers of Multiple Recent Telecom Scam Incidents

https://www.bleepingcomputer.com/news/security/texas-electric-company-warns-of-scammers-threatening-to-cut-power/

 

Microsoft Says Chinese Hackers Used NSA Backdoor Before the Shadow Brokers Leak

https://www.bleepingcomputer.com/news/security/chinese-hackers-used-nsa-exploit-years-before-shadow-brokers-leak/

 

Clop Ransomware Carries Out Targeted Attacks on Multiple Enterprises

https://www.bleepingcomputer.com/news/security/global-accellion-data-breaches-linked-to-clop-ransomware-gang/

 

ServiceNow System Feature Leaks Information of Hundreds of Users

https://jordanpotti.com/2021/02/21/ServiceNow-HelpTheHelpDeskAndTheHackers/

 

Anquanke (Security Geek)

CDN 2021 Complete Attack Guide (Part 2)

https://www.anquanke.com/post/id/231437

(End)