360CERT - 每日安全简报 (2020-05-24)

<<Previous Next>>

漏洞 Vulnerability

CVE-2020-8871：通过VGA设备在Parallels Desktop 提权

https://www.zerodayinitiative.com/blog/2020/5/20/cve-2020-8871-privilege-escalation-in-parallels-desktop-via-vga-device

安全工具 Security Tools

ligolo：用于渗透时反向隧道连接工具

https://github.com/sysdream/ligolo

安全报告 Security Report

zoom end-to-end 加密介绍白皮书

https://github.com/zoom/zoom-e2e-whitepaper/blob/master/zoom_e2e.pdf

安全研究 Security Research

利用 Safe-Linking来消除 malloc() 函数被漏洞利用

https://research.checkpoint.com/2020/safe-linking-eliminating-a-20-year-old-malloc-exploit-primitive/

PRTG Network Monitor 两个漏洞的发现过程

https://sensepost.com/blog/2020/being-stubborn-pays-off-pt.-2-tale-of-two-0days-on-prtg-network-monitor/

持久化驻留技术 – COM 劫持

https://pentestlab.blog/2020/05/20/persistence-com-hijacking/

Google Cloud Deployment Manager RCE漏洞分析

https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html

Windows 错误报告服务中的任意文件删除漏洞分析

https://github.com/guhe120/Windows-EoP/blob/master/CVE-2020-1021/writeup.docx

Defcon CTF Qualifier 2020 Cursed和Blursed的题解

https://mem2019.github.io/jekyll/update/2020/05/22/Defcon-Cursed-Blursed.html

CVE-2005-1513：Qmail远程代码执行漏洞分析，现在可利用

https://packetstormsecurity.com/files/157805/QSA-qmail.txt

Vulnhub-CTF-Writeups

https://github.com/Ignitetechnologies/Vulnhub-CTF-Writeups

如何解压HP 固件更新包

https://jsof-tech.com/unpacking-hp-firmware-updates-part-1/

Password Spraying 攻击指南

https://www.hackingarticles.in/comprehensive-guide-on-password-spraying-attack/

恶意软件 Malware

AgentTesla新变体分析

https://www.freebuf.com/articles/network/234356.html

如何使用趋势科技的Rootkit Remover安装Rootkit

https://billdemirkapi.me/How-to-use-Trend-Micro-Rootkit-Remover-to-Install-a-Rootkit/

模拟Zloader木马的服务端，伪造C2

https://github.com/felixweyne/imaginaryC2/tree/master/examples/use-case-9-zloader

<<Previous Next>>