Daily Security News Push (08-09)

admin Tencent Xuanwu Lab 2019-08-09


Tencent Security Xuanwu Lab Daily News


• [Windows] BlackHat USA 2019: 
https://docs.google.com/presentation/d/1lQHTqXZIDxwaIUnXdO-EdvGp79RzH1rbM4zE45Kki2I/edit?usp=sharing

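   ・ This talk mainly introduces BloodHound. BloodHound presents the ways of obtaining Domain Admin as a map and can compute the best path, greatly improving the efficiency of domain penetration testing – NRBZ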


• [iOS] ssd-secure-disclosure/typhooncon2019: 
https://github.com/ssd-secure-disclosure/typhooncon2019/blob/master/Siguza%20-%20Mitigations.pdf

   ・ A detailed walkthrough of the step-by-step evolution of iOS security mitigations – R3dF09


• [Windows] [PDF] https://i.blackhat.com/USA-19/Wednesday/us-19-Joly-Hunting-For-Bugs-Catching-Dragons.pdf: 
https://i.blackhat.com/USA-19/Wednesday/us-19-Joly-Hunting-For-Bugs-Catching-Dragons.pdf

   ・ Nicolas Joly's summary of Outlook/Exchange vulnerabilities and their exploitation, presented at BlackHat USA 2019 – Jett


• [PDF] http://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf: 
http://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf

   ・ Researcher Maor Shwartz's introduction to the buyers and sellers in the 0-day market, presented at BlackHat USA 2019 – Jett


• [Attack] Suspected BITTER APT Continues Targeting Government of China and Chinese Organizations: 
https://www.anomali.com/blog/suspected-bitter-apt-continues-targeting-government-of-china-and-chinese-organizations#When:19:24:00Z

   ・ The Anomali team caught a website phishing campaign targeting Chinese government departments – Jett


• [Windows] How to Bypass WDAC with dbgsrv.exe: 
https://www.fortynorthsecurity.com/how-to-bypass-wdac-with-dbgsrv-exe/

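   ・ By reading the process blocklist that Microsoft's website recommends for WDAC, the author found that WDAC can be bypassed through the remote debugging feature provided by dbgsrv.exe. – Jett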


• [Exploit, Virtualization, Windows, Vulnerability] Reverse RDP Attack: The Hyper-V Connection: 
https://research.checkpoint.com/reverse-rdp-the-hyper-v-connection/

   ・ A Hyper-V guest-to-host escape based on the RDP clipboard path traversal vulnerability – Ke Liu


• [macOS, Bug Bounty, iOS] Apple expands its bug bounty, increases maximum payout to $1M | TechCrunch: 
https://techcrunch.com/2019/08/08/apple-hackers-macos-security/

   ・ Apple has finally decided to launch a bug bounty program open to the public. A "Zero-Click" kernel code exploit chain is rewarded with up to 1 million US dollars – Jett


• [Windows, Fuzzing, Tools] Building libFuzzer fuzzers on Windows with cmake/Visual Studio: 
http://ekse.github.io/fuzzing/2019/08/07/libfuzzer-windows-cmake.html

   ・ Fuzzing with libFuzzer on Windows – Ke Liu


• [Network, Tools] Introducing Certificate Transparency Monitoring: 
https://cfl.re/2YPHVHv

   ・ CloudFlare launches a Certificate Transparency monitoring service to monitor abusive certificate issuance – Jett


• Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware: 
https://mcafee.ly/31piKgp

   ・ A critical RCE vulnerability was found in Avaya VoIP phone firmware – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
