2022-08-20安全文章整理

admin 2022年8月21日12:01:11安全闲碎评论4 views12581字阅读41分56秒阅读模式


美国“内战”几乎不可避免 http://mp.weixin.qq.com/s?__biz=MzAwMzU1ODAwOQ==&mid=2650388572&idx=1&sn=86444ad69739f62be44e6b6b89d2b1e6&chksm=8334474ab443ce5c4f9c7d841e3d61b9976c88221a5462dde65bb8fc24859b4601160e0f4dd2#rd
Consul 1.13 正式发布,包括这些重大更新 http://mp.weixin.qq.com/s?__biz=MzAxMTA4Njc0OQ==&mid=2651453327&idx=1&sn=9ced1eadb7bd6e6ac871d3caece2de68&chksm=80bb297db7cca06b41e6db7869ca4dc3c5f7967eeb4d2699b8b396d06de183e569fd4e41d668#rd
dnsReaper - 攻击者、漏洞赏金猎人和蓝队的子域接管工具! http://www.kitploit.com/2022/08/dnsreaper-subdomain-takeover-tool-for.html
Celer Network cBridge 跨链桥事故真相:BGP 劫持 https://wiki.ioin.in/url/bkyq
论如何优雅的注入 Java Agent 内存马 https://wiki.ioin.in/url/YDX0
恢复出厂设置的手机数据还能恢复吗 http://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247484972&idx=1&sn=b13ad1c546ab1fd20b5d517809ad0b3a&chksm=cf3e261cf849af0acd741296bdea174af47dfa5755ef3218a47c49ed1ef806fab1c4371c29f9#rd
谷歌地图正在被“抛弃”,但创业者们却用地图玩出了花 https://www.woshipm.com/pd/5571418.html
aFreeRDP – 远程桌面协议(RDP)客户端 FreeRDP 的 Android 版本 https://www.appinn.com/afreerdp/
反勒索软件开发实战篇 http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458464923&idx=3&sn=33665ecd064d94977d8c2150e0072fca&chksm=b18e021186f98b071531f7c71b93a22cd76578ad55f850ae9c8c9dfb10bff382fd981d709b5c#rd
[安全运维向]模拟搭建小型企业内网 http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458464923&idx=2&sn=23855cc68fcc93c5ad43c41656efe14f&chksm=b18e021186f98b0793796c961a042f090bc6adba0b9b8b751ee18b48227e923836303f8fae5d#rd
议题征集中!10.23上海,2022 SDC 期待相见 http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458464923&idx=1&sn=b6d32cf2cf22d9434581f377593ac7c3&chksm=b18e021186f98b079b2fa45ed750fbb97853b669dc8654a654bb61c7c2c66c58c2082d544ba0#rd
CAN总线终端电阻为什么是120Ω? http://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247511427&idx=1&sn=0fca5bab301ef83a86ece06be7f3298b&chksm=e927e958de50604e9a5a65c49198d3b321d40b9eaf3be81becf6a680e0651cb7d8f419c31b8b#rd
一例简单的frida反调试绕过 https://www.c0bra.xyz/2022/08/08/%E4%B8%80%E4%BE%8B%E7%AE%80%E5%8D%95%E7%9A%84frida%E5%8F%8D%E8%B0%83%E8%AF%95%E7%BB%95%E8%BF%87/
Noptchaxa0– 鉴于越来越离谱的人机验证(Captcha),是时候用机器人反击了 https://www.appinn.com/noptcha/
第20篇:改造冰蝎客户端适配JNDIExploit的内存马 http://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247484370&idx=1&sn=41144e2b24cf223753b1f631b7a7269b&chksm=c25fcca9f52845bfec4aceb55bbc2e35b95605873193a0a499b9505957039619598ae458b045#rd
增加soundcloud缓存 http://an7isec.blogspot.com/
任意键|蜘蛛侠登陆 PC;141 特遣队再次出击;海绵宝宝多元宇宙及其他 https://sspai.com/post/75257
每周文章分享-69 http://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247493885&idx=1&sn=f868971d0c3ebbcb4b66fc9edd273794&chksm=e9f128fede86a1e8b0a91e34d58a3c5ebf7de5e4f34d1b1fb391366f890293a30ae4b5b1f858#rd
Celer Network cBridge 跨链桥事故真相:BGP 劫持 http://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247496137&idx=1&sn=a5561bd9702639d05146447f0fa4f697&chksm=fdde8f4ecaa90658e18a554ad5220698dbf40af8b3be096d48e86bed8312bc33a6dd907a32e9#rd
重新认识拼音与发音:聊聊汉语拼音与注音符号方案的差异 https://sspai.com/post/75248
揭露APT组织穆伦鲨(MurenShark), 瞄向土潜艇科研人员 https://www.freebuf.com/articles/network/342426.html
对木马进行静态免杀(新手篇)送免杀工具包 http://mp.weixin.qq.com/s?__biz=MzU4MjYxNTYwNA==&mid=2247485941&idx=1&sn=c983a9b3a7198bb0516640da05825069&chksm=fdb4deaecac357b83390876f5c39bb7ced9cdfcba8bda7ac503e34628ae43ccd62482294527b#rd
云容器是裹着糖衣的威胁吗? https://www.4hou.com/posts/oJ83
ÆPIC Leak漏洞影响Intel CPU https://www.4hou.com/posts/O96L
一款快速探测内网可达网段工具 http://mp.weixin.qq.com/s?__biz=MzI4NTcxMjQ1MA==&mid=2247574865&idx=1&sn=9d3b80860e6b6866355e9d459119f261&chksm=ebebec7cdc9c656aed21bb57b27bcf7a624a68a1bd34739505e96022387f7cb48ed2f8ddc927#rd
神兵利器 | 分享个内存马生成器兼容多种容器、组件···(附下载) http://mp.weixin.qq.com/s?__biz=MzI1NTM4ODIxMw==&mid=2247493632&idx=1&sn=4b3c1b300e46afcdc676a517e2e5f525&chksm=ea34175add439e4cec9aa7f3f6709db3c6de04d36a8b72bbfcd5809904a02608859bfb9cb6a9#rd
云容器是裹着糖衣的威胁吗? http://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247548716&idx=2&sn=c6b1f038874b4d20c8ece9734453a225&chksm=e915ef16de626600bea23317dd5fee96a91dc0a5b99524b8b5c768817cb7c60cfd9442412f43#rd
ÆPIC Leak漏洞影响Intel CPU http://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247548716&idx=1&sn=4c85bd0d03bb56ddfe35c4894ad059a5&chksm=e915ef16de626600242b5406f1f6aa8499109bcc1a963a40c9e63f2dfddc88cc6c91376d4354#rd
【渗透实例】 一次果聊app提权 http://mp.weixin.qq.com/s?__biz=MzAwMjc0NTEzMw==&mid=2653579696&idx=1&sn=ecff84d248b76f173d6fd9c464c7b288&chksm=811b7ff2b66cf6e4c487cc7e0304c61a12049e3f809aa8c5883ba53bb9219b3da7ebeb0edaeb#rd
超全Linux应急响应技巧 http://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247490634&idx=1&sn=aeb7f2f4f3444d89a25abf4ccff93b17&chksm=c175e1e5f60268f327b9ce55b83676c981e325fcac57428f39d102105653283d264a016a311b#rd
裸奔小时代--裸奔之下,焉有完卵 http://mp.weixin.qq.com/s?__biz=MzIyNDcwODgwMA==&mid=2247484795&idx=1&sn=ba2eaa0ab675b9f40d7d8452efb22627&chksm=e80b94d4df7c1dc22b3dab00422bf0d2c2a1a2a49678076616e1ac253593e115e21abbbe833b#rd
渗透测试之逻辑漏洞挖掘(个人经验总结) http://mp.weixin.qq.com/s?__biz=Mzg5NzU1MzM5Mw==&mid=2247509120&idx=1&sn=6b6b22234e6473203ff9f8346148914d&chksm=c072e21ef7056b085edc84203f19ed2ac13d0cf623f6d1f39ab440eb59b4647cf5ab2a6772af#rd
监视间谍。查看应用内浏览器注入了哪些 JavaScript 命令 https://www.malwarebytes.com/blog/news/2022/08/spying-on-the-spies-see-what-javascript-commands-get-injected-by-an-in-app-browser
解释:隐写术 https://www.malwarebytes.com/blog/news/2022/08/explained-steganography
FreeBuf周报 |xa0Gartner发布2022年新兴技术成熟度曲线;两款红米手机存在安全漏洞;Instagram跟踪用户网络活动 https://www.freebuf.com/articles/342403.html
【开放下载】: 反黑工具箱一之Windows安全检测工具 http://mp.weixin.qq.com/s?__biz=MjM5NDcxMDQzNA==&mid=2247487317&idx=1&sn=5e041ae628e4443e389af6acfd7fdbe8&chksm=a682d99891f5508eca2c8c15f89f6345e8ffe26506a33dec7a7722b54f6f12ea0eb8336b6167#rd
通过供应链拿到目标后台权限的过程 http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548498&idx=4&sn=679995aedd634854969ff842766be7b9&chksm=83bd4cf6b4cac5e0f64b9d808bed1e088a1f682c443c935e57ba511de81130e7b62c200b742b#rd
记一次有趣的渗透测试 http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548498&idx=3&sn=4e94f2ec5a6a6b135cb8999d56885838&chksm=83bd4cf6b4cac5e041dd0d2c2f1cb92d801f5c607d543c3290bce8babdc538e7da6fd6cc1c0b#rd
英特尔新型CPU漏洞可致敏感数据泄露 http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548498&idx=2&sn=4dbe1c611a79eee76cd1db553b569dab&chksm=83bd4cf6b4cac5e0ce337bede5deb068268ee543dadc3f7008fcab26fb992d884d53a896019d#rd
记一次授权渗透测试 http://mp.weixin.qq.com/s?__biz=Mzg2NDY1MDc2Mg==&mid=2247493676&idx=2&sn=794afa1dec85d368233cc3413e37b372&chksm=ce64bb49f913325f3ecc5a1bc563aebab845594cf9b467ceef37a79706a2ed851f73378911fe#rd
网信办:“清朗”行动已清理违法和不良账号近14亿个;百度网盘出现重大丑闻:泄露用户照片?官方回应 http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650548498&idx=1&sn=65771a0c1c184ba41f35d9e223e35481&chksm=83bd4cf6b4cac5e03d356a1c20373f427af2d75373201bc5b1fc5981adad487ccd66bec8a4eb#rd
SRC威胁情报挖掘 http://mp.weixin.qq.com/s?__biz=Mzg2NDY1MDc2Mg==&mid=2247493676&idx=1&sn=09be50944da17f36fdcbccac5b82598e&chksm=ce64bb49f913325fcc90f9ba91ad82684e7dd9681c8c5667974090b1aa37d0ceba41079b2eb6#rd
Wi-Fi Framework:一款功能强大的WiFi安全测试工具 http://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651187523&idx=4&sn=133f0b791b53a7cda5a1926e9c916717&chksm=bd1e7bc88a69f2de8b5e004811ebbd6a0e269c760bafb0b787bfc2fb2c106b7082a6bc643e72#rd
Killnet黑客组织声称已“攻破”洛克希德-马丁公司 http://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651187523&idx=3&sn=c2d8b600b29d43696ab8736262cc5f89&chksm=bd1e7bc88a69f2de5c6175c52f904969ac8a513d2bcdf7fe05b0cd4166895e68cf2764be0a8c#rd
因收集Android 位置数据,Google被罚六千万美元 http://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651187523&idx=2&sn=14396163e26d401246cb3f484126003c&chksm=bd1e7bc88a69f2def39ac45161e529269018554eca9fc435e1b24d6d1822fc3c7051e85ea771#rd
洞见简报【2022/8/19】 http://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247486084&idx=1&sn=8d3c84d419a3125ddce7d98510d55587&chksm=9bdf9aa6aca813b09b7bea4a571e90862077123d40285d0749571e09e55a1cb3b64bc2d2b215#rd
网络安全趋势:最近在野外观察到的漏洞包括远程代码执行、跨站点脚本等 https://unit42.paloaltonetworks.com/recent-exploits-network-security-trends/
要知道什么,要学习什么?2022 年有哪些有用的网络技能? https://www.hexacorn.com/blog/2022/08/19/what-to-know-what-to-learn-what-are-useful-skills-for-cyber-in-2022/
appsmith,一个开源的低代码构建平台 http://mp.weixin.qq.com/s?__biz=MzkxNjIxNDQyMQ==&mid=2247491241&idx=1&sn=0f3d3c4a697e1f11019dac37df1573f2&chksm=c1521953f6259045a39adddabdc8aee5e0354c88fb6a2527729c8c2f1b6e858bc54eb128314d#rd
JAVA代码审计基础(一) http://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247493124&idx=1&sn=f6cf2d2da57949beb6725d5ddfab0270&chksm=c09a9554f7ed1c42f7df27374293caacc380ffe1592ace0206ca1870d75a554a7d6b064aeefc#rd
漏洞挖掘典型场景和思路 http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247508233&idx=2&sn=44eccb623927483fee1519dac96f1301&chksm=c3087279f47ffb6fcf881cc8e741087855083fefa6ee1caf2816ad5418c62258ef731795262f#rd
神兵利器 - EXOCET bypassAV http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247508233&idx=1&sn=fb8cdb671250f65ba6e09b904041460c&chksm=c3087279f47ffb6f87dca19fbb776159597c25f442d0769d099e40fe77134c04f9ab690ccd5c#rd
Android13系统定制之开机/关机Logo和动画 http://mp.weixin.qq.com/s?__biz=Mzg2NzUzNzk1Mw==&mid=2247493766&idx=2&sn=65c4aa942360ce23dd14e1965551f7c9&chksm=ceb8adc8f9cf24de79a2825e29cd6f617a4ad2c12d0441d580b7a9026c223d2932ee67015a5f#rd
硬件付费订阅引众怒,黑客向宝马宣战 | 安全事件22 http://mp.weixin.qq.com/s?__biz=MzAwMzYxNzc1OA==&mid=2247500829&idx=2&sn=8de7bd29d384f2ac897cb3ec4fa011c0&chksm=9b3ae2acac4d6bbad7007027bece02f4c02978334b6892d95ad21665b6f943ba32e6ee588eff#rd
今日忌:观看电影《明日战记》 http://mp.weixin.qq.com/s?__biz=MzAwMzYxNzc1OA==&mid=2247500829&idx=1&sn=60c40e1e5f33fcb122c70d773596d6e2&chksm=9b3ae2acac4d6bba308ac15130f3da986cfa83e4cf7a9ff50547f0d721c7359e713f7a182f27#rd
C++免杀绕过360工具 -- 360bypassu200b http://mp.weixin.qq.com/s?__biz=Mzg2NDM2MTE5Mw==&mid=2247494771&idx=2&sn=a8243cca0aafac1dc066ccb9aaa43c0f&chksm=ce6823f5f91faae31fce96056fff2aef4613d6556fefb313dbc5d1dd929524efd6ce7828068b#rd
记一次web登录通杀渗透测试到GETSHELL——续篇 http://mp.weixin.qq.com/s?__biz=Mzg2NDM2MTE5Mw==&mid=2247494771&idx=1&sn=7bac012849b420364b875a51a3272f60&chksm=ce6823f5f91faae3d085766f4913be2bf44b77dc7a493b0ad61554095a37d76e84a90f6bd15d#rd
【资料】俄-乌战争中的网络战武器使用概述 http://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651131486&idx=1&sn=5dfd1a779c3b857267b28b1be420e58b&chksm=f1af7964c6d8f0726763fe050fb25474380870580d31b056d1be85992e10b39f636e357c9ddd#rd
密码即 (Yara) 服务 https://www.hexacorn.com/blog/2022/08/19/password-as-a-yara-service/
[已修复] MacOS:在 RawCamera 中写入越界 https://bugs.chromium.org/p/project-zero/issues/detail?id=2293
网络研讨会 - 乌克兰 - 俄罗斯战争中使用的网络武器简报 - 概述和经验教训 https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/webinar-briefing-on-the-cyber-weapons-used-in-the-ukraine-russia-war-overview-and-得到教训/
软件尽职调查最重要的四个方面 https://www.synopsys.com/blogs/software-security/four-aspects-software-due-diligence-audits/
进攻性安全在线社区烧烤活动 https://www.offensive-security.com/offsec/offensive-security-online-community-bbq-event/
赵老哥 https://m.taoguba.com.cn/Article/4014199/1
闻少(上) https://m.taoguba.com.cn/Article/4178451/1
超级干货:如何做趋势票。 https://m.taoguba.com.cn/Article/4211626/1
OAuth2-0协议安全学习 http://mp.weixin.qq.com/s?__biz=MjM5MTYxNjQxOA==&mid=2652890369&idx=1&sn=3844f2f438f0d8d9d8aec9107d689735&chksm=bd5999cc8a2e10da18c1bd425061ede4a0aa6d6f139d5e0aa7b423bbae3a6f92e52281b4fedd#rd
闻少(下) https://m.taoguba.com.cn/Article/4190166/1
网络安全中的好、坏和丑——第 34 周 https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-34-4/
聊一聊基于"ebpf xdp"的rootkit https://wiki.ioin.in/url/4Va1
BlackHat USA 2022会议资料 https://wiki.ioin.in/url/EoPV
远控免杀专题(67)-白名单(113个)总结篇 http://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650246300&idx=2&sn=19c60140dfcea2de9a3ab85558ceda03&chksm=82ea5735b59dde23baedf27df5b8d5ddd20d65fe0aa382b43d9ca4eed821049660e245d2432d#rd
攻击者溯源反制 http://mp.weixin.qq.com/s?__biz=MzUyMTA0MjQ4NA==&mid=2247532737&idx=3&sn=aaa14fd4ef83102911b5d7afb80092de&chksm=f9e32f9ace94a68c880f64f411a402054f34862bc4332edaca67d7f124e9402a395b1b9e8c9c#rd
通过Metasploit Loader绕过杀软 http://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650246300&idx=1&sn=6cb6481820740060b10cc0a74b85bf64&chksm=82ea5735b59dde2372c64650edacccb0eb8a224ef43196b28b09dc4e35ea2598f8ca7fc4183f#rd
SRC漏洞挖掘与最重要的环节——信息收集 http://mp.weixin.qq.com/s?__biz=Mzg5OTY2NjUxMw==&mid=2247496883&idx=2&sn=ddd990812f091ea0ea325ed6dc538bae&chksm=c04d738df73afa9b9d4a8be9365411f59648f439b3b9970948fa4ff0d82d12c931da5e32d8f3#rd
一句代码,去除【分享引流弹窗】 http://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247503795&idx=2&sn=ea3d2c75bcdaa198dc027a15a1400caf&chksm=ebb520b0dcc2a9a6dd2c6a147366415d5aaa853b7b5a7a29fbe4ec6a57dabefe0e2a31bedec8#rd
内存马生成器 -- msmapu200b http://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247503795&idx=1&sn=8ba6d53be0a9ada592084217cd92ae27&chksm=ebb520b0dcc2a9a6d46703cc7678cebdbcdfc718ebe1f0eac61cd805ad581c8552b6c21301d1#rd
分享 | 一个CS信息搜集插件 http://mp.weixin.qq.com/s?__biz=Mzg5OTY2NjUxMw==&mid=2247496883&idx=1&sn=19f5536d83ab740c096223cc247ae36c&chksm=c04d738df73afa9bc358a917acbd359d3332d0a404cba3504caa7d0552c6a36abf8a4aafd855#rd


原文始发于微信公众号(威胁猎人):2022-08-20安全文章整理

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年8月21日12:01:11
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  2022-08-20安全文章整理 http://cn-sec.com/archives/1245892.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: