每日安全资讯-2020.1.21

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

另:更新就到今天,咱们年会见。

今日导读:Linux Rekoobe病毒卷土重来、Netgear签署的TLS证书私钥泄露、Cacti 1.2.8特权用户命令执行漏洞分析、Ubuntu/CentOS/RHEL 4.4-4.18内核提权漏洞、从Hyper-V管理员到SYSTEM权限等。

【病毒区】
1、Linux Rekoobe Operating with New, Undetected Malware Samples
2、XMRig and OPSEC Fail
3、Dustman APT: Art of Copy-Paste

【漏洞分析区】
4、Netgear Signed TLS Cert Private Key Disclosure
5、Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php.
6、CVE-2019-15666 Ubuntu / CentOS / RHEL Linux Kernel 4.4 - 4.18 privilege escalation

【技术分享区】
7、From Hyper-V Admin to SYSTEM
8、Sniffing Decrypted TLS Traffic with Security Onion
9、Hypervisor From Scratch – Part 7: Using EPT & Page-Level Monitoring Features
10、A Collection of Chrome Sandbox Escape POCs/Exploits for learning.
11、GGvulnz — How I hacked hundreds of companies through Google Groups
工具-corellium-android-unpacking:Android Unpacking Automation using Corellium Devices

1