【知識】9月20日 - 每日安全知識熱點
熱點概要:Google 呼籲警惕政府支持的黑客攻擊、印表機安全詳解、CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP、CVE-2017-3085:在遠程沙箱中運行,Adobe Flash Windows用戶憑據泄漏漏洞、Active Directory訪問控制列表、瀏覽器安全白皮書、常見的WiFi攻擊及檢測方法、The PYPI Python Package Hack、Microsoft Edge: 內存損壞與部分頁面載入漏洞
國內熱詞(一下內容部分來自:http://www.solidot.org/ )
Google 呼籲警惕政府支持的黑客攻擊
Equifax 今年三月就遭到過一次入侵
資訊類:
CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP
http://www.openwall.com/lists/oss-security/2017/09/19/1
技術類:
新的Android木馬針對60多家銀行和社交應用程序
https://clientsidedetection.com/new_android_trojan_targeting_over_60_banks_and_social_apps.html
印表機安全詳解
https://0x00sec.org/t/an-introduction-to-printer-exploitation-1/3565/1
CVE-2017-3085:在遠程沙箱中運行,Adobe Flash Windows用戶憑據泄漏漏洞
https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/
smbmap:用於SMB枚舉的工具
https://github.com/ShawnDEvans/smbmap
遠程系統漏洞分析:WebSploit Toolkit
https://n0where.net/remote-system-vulnerability-analysis/
探索從TypeScript到WebAssembly的編譯
https://medium.com/web-on-the-edge/exploring-compilation-from-typescript-to-webassembly-f846d6befc12
Active Directory訪問控制列表 - 攻擊和防禦
通過在Windows中濫用bad assumption來檢測調試器
http://www.triplefault.io/2017/08/detecting-debuggers-by-abusing-bad.html
藍牙漏洞影響所有主要操作系統
https://hackaday.com/2017/09/14/bluetooth-vulnerability-affects-all-major-os/
瀏覽器安全白皮書
https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf
https://cure53.de/browser-security-whitepaper.pdf
如何優化ElasticSearch的ssdeep比較
http://www.intezer.com/intezer-community-tip-ssdeep-comparisons-with-elasticsearch/
Epson漏洞: EasyMP投影機接管
https://rhinosecuritylabs.com/research/epson-easymp-remote-projection-vulnerabilities/
常見的WiFi攻擊及檢測方法
https://wtf.horse/2017/09/19/common-wifi-attacks-explained/
內核驅動程序mmap處理程序漏洞利用代碼開發
https://labs.mwrinfosecurity.com/publications/kernel-driver-mmap-handler-exploitation/
https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-mmap-exploitation-whitepaper-2017-09-18.pdf
具有採礦功能的惡意軟體近期顯著增加
The PYPI Python Package Hack
http://www.bytelion.com/pypi-python-package-hack/
傳送門:
Package 釣魚
http://blog.fatezero.org/2017/06/01/package-fishing/
被忽視的攻擊面:Python package 釣魚
Apache Struts CVE-2017-5638漏洞帶來的思考
https://alexgaynor.net/2017/sep/18/surviving-struts-cve/
Microsoft Edge: 內存損壞與部分頁面載入漏洞
https://bugs.chromium.org/p/project-zero/issues/detail?id=1309
Microsoft Edge: out-of-bounds read in COptionsCollectionCacheItem::GetAt
https://bugs.chromium.org/p/project-zero/issues/detail?id=1301
focused Web Crawler: ACHE
https://n0where.net/focused-web-crawler-ache/
I know I haven't patched yet, and there's a zero-day knocking at my door
https://cybersins.com/zero-day-patch-timely-workaround/
An Update of PenTesting Tools that (do not) Support IPv6
https://insinuator.net/2017/09/an-update-of-pentesting-tools-that-do-not-support-ipv6/
HVACKer - Bridging the Air-Gap by Manipulating the Environment Temperature
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_055_Mirsky_AirgapTemperature.pdf
本文由 安全客 原創發布,如需轉載請註明來源及本文地址。
本文地址:http://bobao.360.cn/learning/detail/4449.html