3月31日每日安全热点 - 印度Mobikwik否认网上出售的8T数据是从公司泄露的

Inspired by 360CERT

漏洞 Vulnerability

VMWare修复vRealize Operations严重漏洞

https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-allowing-attackers-to-steal-admin-credentials/

 

恶意软件 Malware

伴随Exchange漏洞兴起 Wannacry勒索软件也呈上升趋势

https://www.bleepingcomputer.com/news/security/microsoft-exchange-attacks-increase-while-wannacry-gets-a-restart/

 

安全研究 Security Research

利用JARM识别Tor

https://chaos.institute/fingeprinting-tor-relays-with-jarm/

 

安全工具 Security Tools

Bloodhound for Linux

https://www.errno.fr/BloodhoundForLinux.html

 

LDAP转储搜索工具

https://github.com/kgoins/ldsview

 

安全资讯 Security Information

美国政府警告称购买伪造新冠卡涉嫌犯罪

https://www.bleepingcomputer.com/news/security/us-govt-warns-that-buying-fake-covid-19-vaccine-cards-is-a-crime/

 

安全事件 Security Incident

国税局称近期有大量以国税为饵的钓鱼攻击

https://www.bleepingcomputer.com/news/security/scammers-target-universities-in-ongoing-irs-phishing-attacks/

 

印度Mobikwik否认网上出售的8T数据是从公司泄露的

https://www.bleepingcomputer.com/news/security/leading-indian-fintech-platform-mobikwik-denies-data-breach/

 

安全客 Security Geek

HIDS-Agent开发之抓取DNS请求和异常分析

https://www.anquanke.com/post/id/235715