每日安全动态推送(08-30)

admin 腾讯玄武实验室 2019-08-30


Tencent Security Xuanwu Lab Daily News


• [macOS] evilsocket/opensnitch: 
https://github.com/evilsocket/opensnitch

   ・ OpenSnitch - macOS Little Snitch 应用防火墙的 Linux 移植版 – Jett


• [Windows] Avira Optimizer Local Privilege Escalation: 
https://enigma0x3.net/2019/08/29/avira-optimizer-local-privilege-escalation/

   ・ Avira Optimizer Local Privilege Escalation through insecure named pipes – sakura


• [Network] Abuse of WS-Discovery Protocol Can Lead to Large-Scale DDoS Attacks: 
http://bit.ly/2ZvVAI2

   ・ WS-Discovery(Web服务动态发现协议)可被滥用实现大规模 DDoS 攻击 – Jett


• [iOS] In-the-wild iOS Exploit Chain 1: 
https://googleprojectzero.blogspot.com/2019/08/in-wild-ios-exploit-chain-1.html

   ・ Project Zero 对在野外某个网站发现的一套 iOS 0Day Exploit 的详细分析,涉及 iOS 15 个漏洞,其中 7 个浏览器的、5 个内核的、2 个沙箱逃逸的。 – Jett


• telspacesystems/Asus-DOS: 
https://github.com/telspacesystems/Asus-DOS/

   ・ 华硕 Windows 触摸板驱动 AsusPTPFilter.sys 存在拒绝服务漏洞(CVE-2019-10709) – Jett


• [Windows, Tools] leoloobeek/COMProxy: 
https://github.com/leoloobeek/COMProxy

   ・ COMProxy - 用于测试 COM 劫持的 Proxy,代理 Client 和 Server 的通信 – Jett


• [Browser] 1876 - JSC: JIT: A bug in ArgumentsEliminationPhase::transform - project-zero - Monorail: 
https://bugs.chromium.org/p/project-zero/issues/detail?id=1876

   ・ lokihardt 在 jsc 编译器中 fuzz 出来的新漏洞 – AI_FUZZ


• [Windows] [PDF] https://www.specterops.io/assets/resources/SpecterOps_Subverting_Trust_in_Windows.pdf: 
https://www.specterops.io/assets/resources/SpecterOps_Subverting_Trust_in_Windows.pdf

   ・ SpecterOps 之前发的一份关于 Windows 系统信任机制的 Paper《Subverting Trust in Windows》 –Jett


• Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into the Kernel with RDP PDU: 
https://unit42.paloaltonetworks.com/exploitation-of-windows-cve-2019-0708-bluekeep-three-ways-to-write-data-into-the-kernel-with-rdp-pdu/

   ・ Palo Alto 关于 Windows CVE-2019-0708 (BlueKeep) 漏洞利用方法的研究 – Jett


• Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware: 
http://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html

   ・ 从 Windows 二进制调试符号信息(PDB)的角度看待恶意软件的开发过程 – Jett


• [Web, Report] [PDF] https://www.hackerone.com/sites/default/files/2019-08/hacker-powered-security-report-2019.pdf: 
https://www.hackerone.com/sites/default/files/2019-08/hacker-powered-security-report-2019.pdf

   ・ Hackerone 发布《Hacker Powered Security Report 2019》报告 – Jett


* 查看或搜索历史推送内容请访问: 
https://sec.today

* 新浪微博账号: 腾讯玄武实验室 
https://weibo.com/xuanwulab

    已同步到看一看

    发送中

    本站仅按申请收录文章,版权归原作者所有
    如若侵权,请联系本站删除
    觉得不错,分享给更多人看到
    腾讯玄武实验室 热门文章:

    BadTunnel:跨网段劫持广播协议    阅读/点赞 : 3386/54

    安全动态推送春节合辑(上)    阅读/点赞 : 449/5

    每日安全动态推送(02-21)    阅读/点赞 : 392/4

    每日安全动态推送(03-13)    阅读/点赞 : 390/6

    每日安全动态推送(09-19)    阅读/点赞 : 380/4

    每日安全动态推送(10-11)    阅读/点赞 : 378/4

    每日安全动态推送(06-20)    阅读/点赞 : 368/6

    每日安全动态推送(10-19)    阅读/点赞 : 344/4

    每日安全动态推送(11-25)    阅读/点赞 : 331/4

    每日安全动态推送(07-18)    阅读/点赞 : 320/4

    腾讯玄武实验室 微信二维码

    腾讯玄武实验室 微信二维码