Daily Security News - 2019.12.30

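Disclaimer: All content in this article is for study and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law, or other relevant laws; in particular, it must not be distributed or used for malicious purposes. By viewing this article you are deemed to have agreed to the above; otherwise you bear the responsibility yourself.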

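Today's highlights: BRONZE PRESIDENT hacking attacks targeting NGOs, a decryptor for the ChernoLocker ransomware, analysis of the Apache POI <= 4.1.0 XXE vulnerability, UAC bypass via "font" in perfmon.exe options, remotely controlling an iPhone via iMessage, privilege escalation via the Dropbox (updater), running other applications on Burp, and more.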

【Malware】
1、BRONZE PRESIDENT Targets NGOs
2、SideWinder same targets, same TTPs, time to counter-attack !
3、The Hunt for NTCrypt: Exposing a Malicious Packer
4、Emsisoft releases new decryptor for ChernoLocker ransomware

【Vulnerability Analysis】
5、Apache POI <= 4.1.0 XXE vulnerability (CVE-2019-12415)

【Technical Sharing】
6、Exploiting: Spiderman 2000 - Buffer overflow in file loading routine
7、UAC bypass via “font” In perfmon.exe options
8、Messenger Hacking: Remotely Compromising an iPhone over iMessage
9、From dropbox(updater) to NT AUTHORITY\SYSTEM
10、Revised Homograph Attacks
11、Low-Hanging Apples: Hunting Credentials and Secrets in iOS Apps
12、Run other application on Burp suite
13、SecWiki Weekly (2019/12/23-2019/12/29)

【Tools】
Tool - vmlinux-to-elf: A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
Tool - The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
Tool - git-vuln-finder: Finding potential software vulnerabilities from git commit messages
