每日攻防资讯简报[Aug.24th]

admin 2020年8月24日11:03:32评论424 views字数 3803阅读12分40秒阅读模式

每日攻防资讯简报[Aug.24th]

0x00资讯


1.世界上最大的在线图形资源网站之一Freepik数据泄露:黑客通过SQL注入窃取了830万条记录

https://www.bleepingcomputer.com/news/security/freepik-data-breach-hackers-stole-83m-records-via-sql-injection/

0x01漏洞

1.KaiOS预安装的移动应用程序中的多个HTML注入漏洞

https://research.nccgroup.com/2020/08/21/technical-advisory-multiple-html-injection-vulnerabilities-in-kaios-pre-installed-mobile-applications/

 

2.HP电子商务平台X-Cart由文件写入导致未经身份验证RCE的漏洞

https://nickbloor.co.uk/2020/08/21/x-cart-5/

 

3.Apache Struts RCE漏洞CVE-2019-0230 PoC

https://github.com/ramoncjs3/CVE-2019-0230

 

4.滥用共享内存以获取施耐德电气Modbus串行驱动程序上的本地权限升级(CVE-2020-7523)

https://airbus-cyber-security.com/abusing-a-shared-memory-for-getting-a-local-privilege-escalation-on-the-schneider-electric-modbus-serial-driver-cve-2020-7523/

0x02恶意代码

1.恶意程序包剖析

https://blog.phylum.io/malicious-javascript-code-in-npm-malware/

 

2.漏洞利用工具包的当前状态,Part2:Addressing ACG, XFG, CET, and VBS/HVCI

https://www.crowdstrike.com/blog/state-of-exploit-development-part-2/

 

3.AWS Community AMI中发现嵌入的挖矿软件

https://medium.com/mitiga-io/security-advisory-mitiga-recommends-all-aws-customers-running-community-amis-to-verify-them-for-5c3e8b47d2d8

 

4.远控BitRAT:最新的Copy-pasted恶意软件

https://krabsonsecurity.com/2020/08/22/bitrat-the-latest-in-copy-pasted-malware-by-incompetent-developers/

0x03工具

1.osw-fs-windows:Windows文件系统git历史

https://github.com/Wenzel/osw-fs-windows

 

2.adbsploit:通过ADB开发和管理Android设备,Python编写

https://github.com/mesquidar/adbsploit

 

3.dropengine:Payload创建工具

https://github.com/s0lst1c3/dropengine

 

4.DumpChromePasswords:PowerShell脚本,转储Chrome密码

https://github.com/gtworek/PSBits/blob/master/Misc/DumpChromePasswords.ps1

 

5.idapm:IDA插件管理器,通过Github仓库管理IDA插件

https://github.com/tkmru/idapm

 

6.scan-for-webcams:自动探测可公开访问的网络摄像头

https://github.com/JettChenT/scan-for-webcams

 

7.SharpKatz:Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

https://github.com/b4rtik/SharpKatz

 

8.wacker:对WPA3 AP执行在线字典攻击

https://github.com/blunderbuss-wctf/wacker

0x04技术

1.从照片逆向8086的算术/逻辑单元

http://www.righto.com/2020/08/reverse-engineering-8086s.html?m=1

 

2.如何调查网络钓鱼活动

https://letsdefend.io/blog/how-to-investigate-phishing-campaigns/

 

3.HackTheBox Writeup: Magic

https://t3chnocat.com/htb-magic/

 

4..NET Branca实现的ChaCha20-Poly1305算法一瞥

https://brycx.github.io/2020/08/22/a-look-at-a-branca-implementation.html

 

5.在AFL上对FFMpeg进行Fuzzing

https://hardik05.wordpress.com/2020/08/22/fuzzing-ffmpeg-with-afl-on-ubuntu/

 

6.对PHP7 Zend引擎的研究

https://github.com/0xbigshaq/php7-internals

 

7.子域枚举:过滤通配符域

https://0xpatrik.com/wildcard-domains/

 

8.使用KLEE进行符号执行:从安装到在开源软件中挖掘漏洞

https://adalogics.com/blog/symbolic-execution-with-klee

 

9.每个Web开发者都需要知道的XSS知识

https://www.loginradius.com/engineering/blog/cross-domain-security/

 

10.DIE:使用方面保留突变(aspect-preserving mutation) Fuzzing JavaScript引擎

https://github.com/sslab-gatech/DIE

https://ieeexplore.ieee.org/abstract/document/9152648/

 

11.Linux事件响应清单

https://www.hackingarticles.in/incident-response-linux-cheatsheet/

 

12.使用Kubelet客户机攻击Kubernetes集群

https://securityboulevard.com/2020/08/using-kubelet-client-to-attack-the-kubernetes-cluster

 

13.[ExpDev] Vulnserver — Part 6

https://medium.com/bugbountywriteup/expdev-vulnserver-part-6-8c98fcdc9131

 

14.揭秘PHP中不安全的反序列化

https://medium.com/@sghosh2402/demystifying-insecure-deserialization-in-php-684cab9c4d24

 

15.谷歌Chrome中间人,Part1:定位SSL VMT

https://plainsec.org/man-in-the-browser-in-google-chrome-part-1-locating-the-ssl-vmt/

 

16.Exploit Development: Between a Rock and a (Xtended Flow) Guard Place: Examining XFG

https://connormcgarr.github.io/examining-xfg/

 

17.漏洞赏金中如何更有效的利用Amass

https://medium.com/@hakluke/haklukes-guide-to-amass-how-to-use-amass-more-effectively-for-bug-bounties-7c37570b83f7

 

18.滥用P2P网络入侵300万台摄像头

天融信阿尔法实验室成立于2011年,一直以来,阿尔法实验室秉承“攻防一体”的理念,汇聚众多专业技术研究人员,从事攻防技术研究,在安全领域前瞻性技术研究方向上不断前行。作为天融信的安全产品和服务支撑团队,阿尔法实验室精湛的专业技术水平、丰富的排异经验,为天融信产品的研发和升级、承担国家重大安全项目和客户服务提供强有力的技术支撑。



每日攻防资讯简报[Aug.24th]

每日攻防资讯简报[Aug.24th]

天融信

阿尔法实验室

长按二维码关注我们



  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2020年8月24日11:03:32
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   每日攻防资讯简报[Aug.24th]http://cn-sec.com/archives/100267.html

发表评论

匿名网友 填写信息