每日安全动态推送(06-13)
source link: http://www.10tiao.com/html/645/201806/2651954800/1.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Xuanwu Lab Security Daily News
* [ Browser ] Chrome 为提高用户扩展应用的透明度,宣布在今年夏季停用扩展的内联安装(inline installation)功能:
https://blog.chromium.org/2018/06/improving-extension-transparency-for.html
* [ Crypto ] YubiKey 身份验证使用介绍:
https://evilmartians.com/chronicles/stick-with-security-yubikey-ssh-gnupg-macos
* [ Linux ] 受限 Linux Shell 环境逃离技巧:
https://fireshellsecurity.team/restricted-linux-shell-escaping-techniques/
* [ MachineLearning ] 在可信环境中高性能执行深度神经网络(DNN)的研究(Paper):https://arxiv.org/abs/1806.03287
* [ macOS ] macOS AppleHV UAF 漏洞分析报告(CVE-2018-4242),来自 360 涅槃团队的 Zhuo Liang :
https://brightiup.me/2018/06/11/AppleHV-Use-After-Free-CVE-2018-4242-Writeup/CVE-2018-4242.pdf ;
PoC:
https://github.com/brightiup/research/blob/master/macOS/CVE-2018-4242/AppleHVUaF.c
* [ macOS ] I can be Apple, and so can you,关于第三方代码签名检查问题的公开披露:
https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/
* [ MalwareAnalysis ] Nccgroup 研究人员对嵌入 CVE-2017-8750 漏洞利用的恶意 RTF 文档用于传播 Sisfader 后门做了深度挖掘:
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8750-rtf-and-the-sisfader-rat/
* [ MalwareAnalysis ] Fortinet 安全研究人员对一起针对俄罗斯数据中心进行恶意攻击的分析 :
https://www.fortinet.com/blog/threat-research/non-russion-matryoshka-russian-service-centers-under-attack.html
* [ Others ] CloudMapper "find_admins" - 用于标识帐户中的管理员用户和角色的命令介绍:
https://summitroute.com/blog/2018/06/12/cloudmapper_find_admins/
* [ Others ] PowerShell 版本的 Process Hollowing(傀儡进程代码注入技术)的 PoC 代码:
https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/Start-Hollow.ps1
* [ Others ] ZeroTrace - 在支持 Intel-SGX 服务器设备上启用 Oblivious-RAM(ORAM)实例的系统:
https://github.com/sshsshy/ZeroTrace
Paper: https://eprint.iacr.org/2017/549.pdf
* [ Popular Software ] 超过 1.27 亿用户的开源教育系统 Moodle 远程代码执行漏洞详情:
https://blog.ripstech.com/2018/moodle-remote-code-execution/
* [ Popular Software ] phpMyAdmin 4.7.x XSRF/CSRF 漏洞披露:
http://blog.vulnspy.com/2018/06/12/phpMyAdmin-4-7-x-XSRF-CSRF-vulnerability-PMASA-2017-9-exploit/
* [ Popular Software ] GnuPG 2.2.8 发布,修复 CVE-2018-12020 漏洞:
https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
* [ Popular Software ] VMware AirWatch Agent 远程代码执行漏洞披露(CVE-2018-6968):
https://support.workspaceone.com/articles/360005681594
* [ SecurityAdvisory ] Microsoft 发布 6 月安全公告 :
https://portal.msrc.microsoft.com/en-us/security-guidance/acknowledgments
* [ Tools ] Office365TenantsList - 从 Project Sonar 提取的 Office365 客户列表:https://github.com/vysec/Office365TenantsList
* [ Tools ] PESecurity - 检测 PE 文件是否开启漏洞环节保护的 Powershell 模块:https://github.com/NetSPI/PESecurity
* [ Tools ] macho_gadgets - 从 iOS kernelcache 中寻找 gadgets 小组件的工具:https://github.com/bazad/macho_gadgets: https://github.com/bazad/macho_gadgets
* [ Vulnerability ] Crestron DGE-100 Console 命令注入漏洞详情(CVE-2018-5553):
https://blog.rapid7.com/2018/06/12/r7-2018-15-cve-2018-5553-crestron-dge-100-console-command-injection-fixed/
* [ Web Security ] Esteban Rodriguez 关于使用 BurpSuite 测试 Web 应用技巧: https://www.coalfire.com/Solutions/Coalfire-Labs/The-Coalfire-LABS-Blog/june-2018/protips-testing-applications-using-burp-and-more
* [ Windows ] 使用微软语言助手 Cortana 攻击锁屏状态下的 Windows 10 (CVE-2018-8140):
https://securingtomorrow.mcafee.com/mcafee-labs/want-to-break-into-a-locked-windows-10-device-ask-cortana-cve-2018-8140
* [ Windows ] Windows 10 1803 中与 PAW 解决方案相关的新功能介绍:
https://blogs.technet.microsoft.com/datacentersecurity/2018/06/08/what-is-new-in-windows-10-1803-for-paw/
* [ Tools ] 安全相关的多媒体资源收集列表( Conference、 Livestreams、Podcasts,etc):
https://github.com/1337list/ephemera-miscellany/blob/master/hackertalkytalk.md
* [ Data Breach ] AcFun泄露数千万条用户数据,网站SHELL和内网权限在暗网售卖:
http://www.freebuf.com/news/174703.html
* [ SecurityReport ] CNCERT 2018年第一季度我国联网智能设备安全情况报告:
http://www.freebuf.com/articles/paper/174618.html
* [ ReverseEngineering ] 借你一双慧眼,鸟瞰二进制世界的秘密:
http://www.freebuf.com/sectool/174136.html
* [ MalwareAnalysis ] VPNFilter:危及全球工控设备和办公网络的物联网高级威胁:
https://paper.seebug.org/618/
* 搜索历史推送,请用 Google 以 site 关键词限定搜索,如: site:xuanwulab.github.io android fuzz
* 按天查看历史推送内容: https://xuanwulab.github.io/cn/secnews/2018/06/13/index.html
* 新浪微博账号: 腾讯玄武实验室(http://weibo.com/xuanwulab)
Recommend
-
40
Xuanwu Lab Security Daily News * [ Browser ] Inside Firefox's DOH engine:
-
67
Xuanwu Lab Security Daily News * [ Browser ] MacOS Mojave 及 iOS 12 上 Safari Intelligent Tracking...
-
58
Xuanwu Lab Security Daily News * [ Android ] Android 6 月安全公告发布:https://s...
-
41
Xuanwu Lab Security Daily News * [ Browser ] Google Chrome处理 WebAssembly Locals 时存在整数溢出漏洞...
-
63
Xuanwu Lab Security Daily News * [ Android ] Android P 中的 Biometric 认证机制介绍 :
-
81
Xuanwu Lab Security Daily News * [ iOS ] 通过 iOS 设备嗅探网络流量的技巧,无需越狱:
-
63
* [ Crypto ] 突破 ledgerctf 的 AES 白盒挑战: https://doar-e.github.io/blog/2018/05/17/breaking-ledgerctfs-aes-white-box-challenge/...
-
43
Xuanwu Lab Security Daily News * [ Browser ] Microsoft Edge Chakra 引擎 UAF 漏洞分析 (CVE-2018-0946):https://www.fortinet.com/blog/threat-research/an-analysis...
-
64
Xuanwu Lab Security Daily News * [ APT ] 针对金融组织的 Carbanak 黑客团伙工具源码泄漏 :
-
5
Android平台音视频RTMP推送|GB28181对接之动态水印设计 推荐 原创 随着移动单兵、智能车载、智慧安防、智能家居、工业仿真、GB28281...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK