每日安全动态推送(09-27)

  • A+
所属分类:安全新闻

Tencent Security Xuanwu Lab Daily News


• Hacking LG WebOS Smart TVs Using A Phone:
https://medium.com/geekculture/hacking-lg-webos-smart-tvs-using-a-phone-3fedba5d6f50

   ・ 用手机 Hacking LG 搭载基于 Linux 的 WebOS 智能电视 – Jett


• [Tools, Pentest] Attacking Azure, Azure AD, and Introducing PowerZure:
https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a

   ・ Attacking Azure, Azure AD, and Introducing PowerZure – Jett


• CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux:
https://sick.codes/sick-2021-111/

   ・ CVE-2021-39246 - Tor 浏览器日志中保存的时间戳可被用于泄露 client 的访问记录 – Jett


• [Attack] 疑似APT-C-56透明部落攻击预警:
https://mp.weixin.qq.com/s/hHBsy_B3jECr2FLk5g9gbA

   ・ 疑似APT-C-56透明部落攻击预警 . – lanying37


• [Network] Massive DDoS attacks on VoIP Providers and simulated DDoS testing:
https://www.rtcsec.com/post/2021/09/massive-ddos-attacks-on-voip-providers-and-simulated-ddos-testing/

   ・ Massive DDoS attacks on VoIP Providers and simulated DDoS testing – Jett


• [PDF] https://attl4s.github.io/assets/pdf/Understanding_Windows_Lateral_Movements.pdf:
https://attl4s.github.io/assets/pdf/Understanding_Windows_Lateral_Movements.pdf

   ・ 深入剖析 Windows 横向渗透 – Jett


• EXOCET - AV-evading, undetectable, payload delivery tool:
https://github.com/tanc7/EXOCET-AV-Evasion

   ・ EXOCET - 通过加密等手段生成免杀 Dropper Payload 的工具 – Jett


• TLDs vulnerable to autodiscover leaks:
https://autodiscover-vulnerable-tlds.com/

   ・ 上周推送过微软 Exchange 使用的 Autodiscover 协议存在敏感信息泄露的问题,有研究员开放了一个网站,监控相关信息泄露状态 – Jett


• [Tools, Linux] Waydroid:
https://github.com/waydroid/waydroid

   ・ Waydroid - 用容器的方案在 Linux 系统中启动完整 Android 系统 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


相关推荐: 【安全头条】黑客组织使用 ProxyLogon 漏洞攻击全球酒店

第124期 你好呀~欢迎来到“安全头条”,站长小安将为大家奉上新鲜、实时、有趣的安全热点。在文章底部时常交流、疯狂讨论,都是小安欢迎哒~如果对本小站的内容还有更多建议,也欢迎底部提出建议哦! 1、Nagios曝11个漏洞, 利用可致黑客接管IT设施 前不久,N…

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: