360-CERT Daily Security Briefing
2019-10-12 Saturday
Security Tools
DECAF: Dynamic Executable Code Analysis Framework
https://github.com/decaf-project/DECAF
DueDLLigence: shellcode that bypasses all application whitelisting
https://github.com/fireeye/DueDLLigence
Security Research
CVE-2019-2025 ("Waterdrop") vulnerability exploitation
https://mp.weixin.qq.com/s/BviSkiO1sizlS1T_WRkkaQ
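Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass MIC protection, leading to compromise of the entire domain.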
https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/
Rusty Joomla RCE vulnerability analysis
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=41
FireEye Mandiant Red Team: evading EDR detection with shellcode
https://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html
Examining and exploiting Android vendor binder services: who stole my vtable?
https://mp.weixin.qq.com/s/BoUGoX4toHh9ZTb7onilgg
Malware
Tarmac: new malware targeting macOS users
https://www.zdnet.com/article/macos-users-targeted-with-new-tarmac-malware/#ftag=RSSbaffb68
Security Incident
CVE-2019-6333: tens of millions of PCs may be affected by an HP Touchpoint Analytics vulnerability
https://securityaffairs.co/wordpress/92392/hacking/hp-touchpoint-analytics-flaw.html
Leafly cannabis website leaked user information via an exposed database
https://www.bleepingcomputer.com/news/security/leafly-cannabis-website-leaked-user-info-via-exposed-database/
APT41 attacked the company behind TeamViewer, enabling them to access any system with TeamViewer installed
https://twitter.com/cglyer/status/1182413194360508419