每日攻防资讯简报[Jan.15th]

1.Jquery XSS漏洞

https://snyk.io/vuln/SNYK-JS-JQUERY-565129

1.Mose：针对配置管理(CM)服务器的后渗透工具

https://github.com/master-of-servers/mose

2.K55：Linux x86_64进程注入技术，使用自定义有效负载来操纵进程

https://github.com/josh0xA/K55

3.Umbrella_android：开源Android，iOS和Web应用程序，用于学习和管理数字和物理安全性

https://github.com/securityfirst/Umbrella_android

4.xnuspy：一个pongoOS模块，安装一个新的系统调用xnuspy_ctl，使可以从用户空间挂接内核函数

https://github.com/jsherman212/xnuspy

1.使用Brim的No-code威胁搜寻分析Qakbot

https://medium.com/brim-securitys-knowledge-funnel/analyzing-qakbot-using-brims-no-code-threat-hunting-8e3415c3338d

2.Spalax行动：针对哥伦比亚政府机构和私人公司的攻击

https://www.welivesecurity.com/2021/01/12/operation-spalax-targeted-malware-attacks-colombia/

1.使用DLL注入Hacking游戏

2.用于在Apache NiFi和Kong API网关中获取远程代码执行（RCE）的Metasploit模块

https://labs.f-secure.com/tools/metasploit-modules-for-rce-in-apache-nifi-and-kong-api-gateway/

3.盲SSRF链词汇表

https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/

4.在Windows Mini-Filter驱动中挖掘漏洞

https://googleprojectzero.blogspot.com/2021/01/hunting-for-bugs-in-windows-mini-filter.html

5.如何在macOS上创建恶意的VSCode扩展，该扩展可用于进一步用于后渗透shenanigans

https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions/

6.针对端点保护软件的真实威胁列表

https://github.com/v-p-b/avpwn

7.为准备OSWE以及AWAE课程而进行的所有培训和教程

https://github.com/wetw0rk/AWAE-PREP

8.通过将RAM转换为Wi-Fi卡来突破气隙系统

https://www.thesslstore.com/blog/researchers-breach-air-gapped-systems-by-turning-ram-into-wi-fi-card/

9.Phishing through the prism of graphic design

https://www.cyren.com/blog/articles/phishing-through-the-prism-of-graphic-design

10.什么是DLL劫持

https://www.upguard.com/blog/dll-hijacking

11.2020年威胁性景观回顾报告：2020年报告的CVE数量增长6％

https://www.tenable.com/cyber-exposure/2020-threat-landscape-retrospective

12.准备用于威胁管理的客户端环境

https://securityintelligence.com/posts/preparing-client-environment-for-threat-management/