![每日攻防资讯简报[Aug.13th]](http://cn-sec.com/wp-content/uploads/2020/08/10-1597509737.jpeg "每日攻防资讯简报[Aug.13th]")
1.SANS研究所遭受了数据泄露,暴露了包含个人身份信息(PII)的28,000条用户记录
https://www.sans.org/dataincident2020
1.QNX Slinger中隐藏的目录遍历漏洞
https://www.vdoo.com/blog/directory-traversal-vulnerability-in-qnx-slinger/
2.Windows Print Spooler提权漏洞PoC(CVE-2020-1337)
https://github.com/sailay1996/cve-2020-1337-poc
https://github.com/neofito/CVE-2020-1337
3.如何在Active Directory中滥用GenericWrite ACE配置错误以运行任意可执行文件
https://sensepost.com/blog/2020/ace-to-rce/
4.ReVoLTE攻击:利用LTE实现缺陷,恢复加密的VoLTE呼叫内容
https://revolte-attack.net/
5.在WordPress插件中狩猎SQL注入(SQLis)和跨站点请求伪造(CSRF)漏洞
https://medium.com/tenable-techblog/hunting-for-sql-injections-sqlis-and-cross-site-request-forgeries-csrfs-in-wordpress-plugins-632dafc9cd2f
6.microsoft.com和Nextcloud上的无密码WebAuthn中的PIN绕过
https://hwsecurity.dev/2020/08/webauthn-pin-bypass/
7.发现和分析Windows PhoneBook UAF漏洞(CVE-2020-1530)
https://symeonp.github.io/2020/12/08/phonebook-uaf-analysis.html
1.PowerFall行动:攻击者使用的Internet Explorer和Windows 0Day漏洞
https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/
2.Android平台恶意代码收集
https://github.com/mstfknn/android-malware-sample-library
3.Dharma勒索软件攻击详细分析
https://news.sophos.com/en-us/2020/08/12/color-by-numbers-inside-a-dharma-ransomware-as-a-service-attack/
4.银行木马DiamondFox家族的新成员DiamondFox Kettu
https://fr3d.hk/blog/diamondfox-bank-robbers-will-be-replaced
1.DefensiveInjector:Shellcode注入器
https://github.com/bats3c/DefensiveInjector
https://labs.jumpsec.com/2020/08/11/defending-your-malware/
2.litewaf:简易的In-App WAF
https://github.com/echo-devim/litewaf
3.vps-docker-for-pentest:用docker在谷歌云平台或Digital Ocean上创建用于渗透的VPS
https://github.com/aaaguirrep/vps-docker-for-pentest
4.Zolom:C#可执行文件,可以反射性地用于在未安装Python的系统上运行(嵌入的)Python代码
https://github.com/checkymander/Zolom
1.Fuzzing sockets, part 2: FreeRDP
https://securitylab.github.com/research/fuzzing-sockets-FreeRDP
2.如何对安全工具进行基准测试:使用WebGoat的案例研究
https://about.gitlab.com/blog/2020/08/11/how-to-benchmark-security-tools/
3.将Splunk转换成漏洞扫描器
https://vulners.blog/2020/08/12/game-changing-plugin-for-your-splunk-try-out-new/
4.(权限不足时)导出Outlook私钥和解密基于S/MIME加密的电子邮件
https://www.errno.fr/OutlookDecrypt/OutlookDecrypt
5.如何利用最新的TLS检查解决方案中的安全功能进行隐秘的数据渗透
https://www.mnemonic.no/blog/introducing-snicat
https://github.com/mnemonic-no/SNIcat
6.To the Brim at the Gates of Mordor Pt. 1
https://holisticinfosec.io/post/brim-mordor/
7.利用Windows电源管理API实现代码执行和检测规避
https://github.com/am0nsec/vx/tree/master/Virus.Win64.DeusSomnum
https://vxug.fakedoma.in/papers/VXUG/Exclusive/AbusingtheWindowsPowerManagementAPI.pdf
8.Google App Engine,Azure App Service在网络钓鱼活动中被滥用
https://www.netskope.com/blog/a-big-catch-cloud-phishing-from-google-app-engine-and-azure-app-service
天融信阿尔法实验室成立于2011年,一直以来,阿尔法实验室秉承“攻防一体”的理念,汇聚众多专业技术研究人员,从事攻防技术研究,在安全领域前瞻性技术研究方向上不断前行。作为天融信的安全产品和服务支撑团队,阿尔法实验室精湛的专业技术水平、丰富的排异经验,为天融信产品的研发和升级、承担国家重大安全项目和客户服务提供强有力的技术支撑。
![每日攻防资讯简报[Aug.13th]](http://cn-sec.com/wp-content/uploads/2020/08/7-1597509738.png "每日攻防资讯简报[Aug.13th]")
![每日攻防资讯简报[Aug.13th]](http://cn-sec.com/wp-content/uploads/2020/08/0-1597509740.jpeg "每日攻防资讯简报[Aug.13th]")
天融信
阿尔法实验室
长按二维码关注我们
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论