![每日攻防资讯简报[Aug.25th]](http://cn-sec.com/wp-content/uploads/2020/08/10-1598498968.jpeg "每日攻防资讯简报[Aug.25th]")
1.Mitre发布的防御框架Shield
![每日攻防资讯简报[Aug.25th]](http://cn-sec.com/wp-content/uploads/2020/08/4-1598498969.png "每日攻防资讯简报[Aug.25th]")
https://shield.mitre.org/matrix/
2.美国股票人寿保险公司National Western Life被REvil勒索软件入侵,攻击者获取656 GB机密数据
![每日攻防资讯简报[Aug.25th]](http://cn-sec.com/wp-content/uploads/2020/08/7-1598498969.png "每日攻防资讯简报[Aug.25th]")
https://cybleinc.com/2020/08/24/national-western-life-insurance-company-nightmare-continues/
3.微软宣布Internet Explorer 11的退休时间表
https://hotforsecurity.bitdefender.com/blog/microsoft-announces-internet-explorer-11s-retirement-timeline-23981.html
1.C编写的针对嵌入式的TLS1.3客户端wolfSSL可导致中间人攻击的漏洞(CVE-2020-24613)
https://research.nccgroup.com/2020/08/24/technical-advisory-wolfssl-tls-1-3-client-man-in-the-middle-attack/
2.2020年全球勒索软件攻击中使用的前四大漏洞
https://blog.sensecy.com/2020/08/20/global-ransomware-attacks-in-2020-the-top-4-vulnerabilities/
3.TeamViewer高危漏洞,可允许攻击者窃取密码(CVE-2020-13699)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13699
1.RTF Royal Road释放了一个新的MFC后门,与Goblin Panda相关
https://medium.com/@Sebdraven/rtf-royal-road-drops-a-new-backdoor-mfc-and-links-with-goblin-panda-90db06f80611
2.银行木马QBot初始恶意文档中使用的新技术
https://blog.morphisec.com/qakbot-qbot-maldoc-two-new-techniques
3.揭开黑客雇佣军DeathStalker的面纱
https://securelist.com/deathstalker-mercenary-triumvirate/98177/
4.移动平台广告欺诈软件Triada和xhelper预装在20万台廉价手机上
https://www.upstreamsystems.com/well-known-malware-committing-click-ad-fraud-low-end-devices-emerging-markets-uncovered-secure-d/
5.假冒的Malwarebytes安装文件投递基于XMRig的门罗币挖矿软件
https://blog.avast.com/fake-malwarebytes-installation-files-distributing-coinminer
1.Red-EC2:在AWS上通过Ansible构建RedTeam基础设施
https://github.com/jfmaes/Red-EC2
2.drovorub-hunt:以网络为基础,协助搜寻Drovorub恶意软件C&C
https://github.com/Insane-Forensics/drovorub-hunt
1.Windows通过端口监视器实现驻留
https://posts.slayerlabs.com/monitor-persistence/
2.结合使用Microsoft Graph API和Python来查找Office365邮箱中的恶意收件箱规则
https://blog.rothe.uk/risky-rules-in-office365/
3.XSS:算术运算符和可选链接,以绕过过滤器和Sanitization
https://www.secjuice.com/xss-arithmetic-operators-chaining-bypass-sanitization/
4.在“下载”文件夹中执行“Python”命令可能导致代码执行
https://glyph.twistedmatrix.com/2020/08/never-run-python-in-your-downloads-folder.html
5.如何实现Office格式的Dropper
https://marcoramilli.com/2020/08/24/how-to-reverse-office-droppers-personal-notes/
6.HttpOnly标志:保护Cookies免受XSS攻击
https://www.acunetix.com/blog/web-security-zone/httponly-flag-protecting-cookies/
7.certutil – one more GUI lolbin
https://www.hexacorn.com/blog/2020/08/23/certutil-one-more-gui-lolbin/
8.PC-3000闪存:如何从microSD卡恢复数据
https://blog.acelaboratory.com/pc-3000-flash-circuit-board-and-msd-card-preparing-and-soldering.html
9.使用深度强化学习加持的WiFi攻击工具Pwnagotchi破解WiFi握手包
10.逆向Android平台的新冠追踪App
11.Python基础:使用Scapy构造数据包
https://medium.com/python-in-plain-english/python-basics-packet-crafting-with-scapy-b3e4ea5c8111
12.使用Safari网络共享API窃取本地文件
https://blog.redteam.pl/2020/08/stealing-local-files-using-safari-web.html
13.在Azure中检测和锁定基于网络的恶意软件
https://www.sans.org/blog/detecting-and-locking-down-network-based-malware-in-azure/
天融信阿尔法实验室成立于2011年,一直以来,阿尔法实验室秉承“攻防一体”的理念,汇聚众多专业技术研究人员,从事攻防技术研究,在安全领域前瞻性技术研究方向上不断前行。作为天融信的安全产品和服务支撑团队,阿尔法实验室精湛的专业技术水平、丰富的排异经验,为天融信产品的研发和升级、承担国家重大安全项目和客户服务提供强有力的技术支撑。
![每日攻防资讯简报[Aug.25th]](http://cn-sec.com/wp-content/uploads/2020/08/7-1598498970.png "每日攻防资讯简报[Aug.25th]")
![每日攻防资讯简报[Aug.25th]](http://cn-sec.com/wp-content/uploads/2020/08/1-1598498970.jpeg "每日攻防资讯简报[Aug.25th]")
天融信
阿尔法实验室
长按二维码关注我们
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论