Daily Security News Push (01-24)

Admin Tencent Xuanwu Lab 2019-01-24

Xuanwu Lab Security Daily News


  • [ Attack ]  Making Meterpreter Look Google-Signed (Using MSI & JAR Files):

    https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7


  • [ Browser ]  Safari Technology Preview 74 released:

    https://webkit.org/blog/8566/release-notes-for-safari-technology-preview-74/


  • [ Bug Bounty ]  A collected list of bug bounty writeups from recent years and their rewards:

    https://pentester.land/list-of-bug-bounty-writeups.html


  • [ Fuzzing ]  Fuzzing an API with DeepState, Part 2:

    https://blog.trailofbits.com/2019/01/23/fuzzing-an-api-with-deepstate-part-2/


  • [ Industry News ]  Exchange audit logs now provide session information to better analyze account behavior and thus identify malicious attackers more accurately:

    https://blogs.technet.microsoft.com/exchange/2019/01/04/contextualizing-attacker-activity-within-sessions-in-exchange-online/


  • [ Industry News ]  Someone compromised the PHP PEAR website and tampered with the go-pear.phar installer package:

    https://thehackernews.com/2019/01/php-pear-hacked.html


  • [ iOS ]  IPC Voucher UaF Remote Jailbreak Stage 2:

    http://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202.html


  • [ MalwareAnalysis ]  Trend Micro's in-depth analysis of Emotet:

    https://blog.trendmicro.com/trendlabs-security-intelligence/going-in-depth-with-emotet-multilayer-operating-mechanisms/


  • [ Pentest ]  Multiple methods for bypassing AppLocker application whitelisting via regsvr32.exe:

    https://www.hackingarticles.in/bypass-application-whitelisting-using-regsrv32-exe-multiple-methods/


  • [ Tools ]  Htcap - a web application scanning tool that works by intercepting ajax calls and DOM modifications:

    https://github.com/fcavallarin/htcap


  • [ Vulnerability ]  An introduction to exploiting the Magellan bug in Chrome on 64-bit Ubuntu:

    https://blog.exodusintel.com/2019/01/22/exploiting-the-magellan-bug-on-64-bit-chrome-desktop/


  • [ Vulnerability ]  Template injection vulnerability in ERPNext:

    https://medium.com/bugbountywriteup/frapp%C3%A9-technologies-erpnext-server-side-template-injection-74e1c95ec872


  • [ Vulnerability ]  Disclosure of a vulnerability in ghostscript that may lead to command execution (CVE-2019-6116):

    https://www.openwall.com/lists/oss-security/2019/01/23/5


  • [ Tools ]  Malice - an open-source tool similar to VirusTotal:

    https://github.com/maliceio/malice


  • [ Crypto ]  Recovering the AES key on a Cortex-M3 processor via Unicorn Engine emusca:

    https://blog.adafruit.com/2019/01/22/recovering-the-aes-key-on-a-cortex-m3-processor-with-emusca-using-unicorn_engine-and-daredevil-by-jevinskie/


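  • [ Vulnerability ]  Disclosure of a vulnerability in the ASPEED ast2400 and ast2500 BMCs that allows the host to perform arbitrary reads and writes of the BMC's physical addresses (CVE-2019-6260):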

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6260


  • [ Vulnerability ]  How to escape a restricted network environment and bypass DLP:

    https://www.sixgen.io/single-post/2019/01/22/BreakFree


  • [ iOS ]  iOS jailbreak internals (3): some features in XNU kernel zone: 

    https://www.weibo.com/ttarticle/p/show?id=2309404331585729133455


  • [ Tools ]  Conpot - a new ICS honeypot for collecting attacks targeting industrial control systems:

    https://github.com/mushorg/conpot


  • [ Windows ]  Annual review of Windows vulnerabilities in 2018:

    https://www.freebuf.com/articles/paper/194868.html


* To view or search past pushes, visit: https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)

