Daily Security News - 2020.2.19

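Disclaimer: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other related requirements. In particular, distributing it or using it for malicious purposes is prohibited. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.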

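Today's highlights: DRBControl: a cyberespionage campaign targeting gambling companies in Southeast Asia uncovered; analysis of a hidden Schneider patch; unauthenticated stored XSS injection into the CISCO ISE web administrative console via DHCP request; full file system acquisition of iPhone 11 and Xr/Xs with iOS 13; bypassing Windows 10 User Group Policy; and more.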

【Malware】
1. Building a bypass with MSBuild
2. Operation DRBControl: Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia
3. Evina protects end-users, Mobok: a malware family in constant evolution that perpetrates mobile fraud in Germany
4. AZORult spreads as a fake ProtonVPN installer
5. Tracking ‘Kimsuky’, the North Korea-based cyber espionage group: Part 1

【Vulnerability Analysis】
6. Silent Schneider :: Revealing a Hidden Patch in EcoStruxure Operator Terminal Expert
7. Unauthenticated persistent cross-site scripting injection into the administrative console of CISCO ISE web application via DHCP request
8. XPC fast path fails to ensure NULL termination of XPC strings, leading to memory disclosure/corruption vulnerabilities in XPC services (CVE-2020-3856)
9. Memory corruption in launchd due to lack of bounds checking parsing XPC message (CVE-2020-3829)

【Technical Sharing】
10. Full File System Acquisition of iPhone 11 and Xr/Xs with iOS 13
11. Bypass Windows 10 User Group Policy (and more) with this One Weird Trick
12. Congestion Attacks in Payment Channel Networks (bitcoin)
13. Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader
14. No Clicks Required - Exploiting Memory Corruption Vulnerabilities in Messenger Apps
15. Bug on the Windshield - Fuzzing the Windows kernel
16. Experimental animation about HTTP Request Smuggling
17. QQ Security Center - Dynamic password generation algorithm
Tool - Updog: a replacement for Python’s SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use HTTP basic auth.
Tool - GadgetProbe (Burp Extension): Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Tool - weblogicScanner: a WebLogic vulnerability scanning tool covering multiple vulnerabilities