每日攻防资讯简报[Aug.13th]

  • A+
所属分类:安全新闻

每日攻防资讯简报[Aug.13th]

0x00资讯

1.SANS研究所遭受了数据泄露,暴露了包含个人身份信息(PII)的28,000条用户记录

https://www.sans.org/dataincident2020

0x01漏洞

1.QNX Slinger中隐藏的目录遍历漏洞

https://www.vdoo.com/blog/directory-traversal-vulnerability-in-qnx-slinger/

 

2.Windows Print Spooler提权漏洞PoC(CVE-2020-1337)

https://github.com/sailay1996/cve-2020-1337-poc

https://github.com/neofito/CVE-2020-1337

 

3.如何在Active Directory中滥用GenericWrite ACE配置错误以运行任意可执行文件

https://sensepost.com/blog/2020/ace-to-rce/

 

4.ReVoLTE攻击:利用LTE实现缺陷,恢复加密的VoLTE呼叫内容

https://revolte-attack.net/

 

5.在WordPress插件中狩猎SQL注入(SQLis)和跨站点请求伪造(CSRF)漏洞

https://medium.com/tenable-techblog/hunting-for-sql-injections-sqlis-and-cross-site-request-forgeries-csrfs-in-wordpress-plugins-632dafc9cd2f

 

6.microsoft.com和Nextcloud上的无密码WebAuthn中的PIN绕过

https://hwsecurity.dev/2020/08/webauthn-pin-bypass/

 

7.发现和分析Windows PhoneBook UAF漏洞(CVE-2020-1530)

https://symeonp.github.io/2020/12/08/phonebook-uaf-analysis.html

0x02恶意代码

1.PowerFall行动:攻击者使用的Internet Explorer和Windows 0Day漏洞

https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/

 

2.Android平台恶意代码收集

https://github.com/mstfknn/android-malware-sample-library

 

3.Dharma勒索软件攻击详细分析

https://news.sophos.com/en-us/2020/08/12/color-by-numbers-inside-a-dharma-ransomware-as-a-service-attack/

 

4.银行木马DiamondFox家族的新成员DiamondFox Kettu

https://fr3d.hk/blog/diamondfox-bank-robbers-will-be-replaced

0x03工具

1.DefensiveInjector:Shellcode注入器

https://github.com/bats3c/DefensiveInjector

https://labs.jumpsec.com/2020/08/11/defending-your-malware/

 

2.litewaf:简易的In-App WAF

https://github.com/echo-devim/litewaf

 

3.vps-docker-for-pentest:用docker在谷歌云平台或Digital Ocean上创建用于渗透的VPS

https://github.com/aaaguirrep/vps-docker-for-pentest

 

4.Zolom:C#可执行文件,可以反射性地用于在未安装Python的系统上运行(嵌入的)Python代码

https://github.com/checkymander/Zolom

0x04技术

1.Fuzzing sockets, part 2: FreeRDP

https://securitylab.github.com/research/fuzzing-sockets-FreeRDP

 

2.如何对安全工具进行基准测试:使用WebGoat的案例研究

https://about.gitlab.com/blog/2020/08/11/how-to-benchmark-security-tools/

 

3.将Splunk转换成漏洞扫描器

https://vulners.blog/2020/08/12/game-changing-plugin-for-your-splunk-try-out-new/

 

4.(权限不足时)导出Outlook私钥和解密基于S/MIME加密的电子邮件

https://www.errno.fr/OutlookDecrypt/OutlookDecrypt

 

5.如何利用最新的TLS检查解决方案中的安全功能进行隐秘的数据渗透

https://www.mnemonic.no/blog/introducing-snicat

https://github.com/mnemonic-no/SNIcat

 

6.To the Brim at the Gates of Mordor Pt. 1

https://holisticinfosec.io/post/brim-mordor/

 

7.利用Windows电源管理API实现代码执行和检测规避

https://github.com/am0nsec/vx/tree/master/Virus.Win64.DeusSomnum

https://vxug.fakedoma.in/papers/VXUG/Exclusive/AbusingtheWindowsPowerManagementAPI.pdf

 

8.Google App Engine,Azure App Service在网络钓鱼活动中被滥用

https://www.netskope.com/blog/a-big-catch-cloud-phishing-from-google-app-engine-and-azure-app-service

天融信阿尔法实验室成立于2011年,一直以来,阿尔法实验室秉承“攻防一体”的理念,汇聚众多专业技术研究人员,从事攻防技术研究,在安全领域前瞻性技术研究方向上不断前行。作为天融信的安全产品和服务支撑团队,阿尔法实验室精湛的专业技术水平、丰富的排异经验,为天融信产品的研发和升级、承担国家重大安全项目和客户服务提供强有力的技术支撑。



每日攻防资讯简报[Aug.13th]

每日攻防资讯简报[Aug.13th]

天融信

阿尔法实验室

长按二维码关注我们



发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: