Daily Security News - 2020.3.10

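Notice: Everything in this article is for learning and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other applicable regulations. In particular, redistribution or use for non-benign purposes is prohibited. By viewing this article you agree to the above; otherwise you bear the responsibility yourself.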

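Today's highlights: a study of the North Korean Lazarus malware; multiple ransomware families spreading via RDP brute-force attacks, with government and enterprise organizations urged to stay on high alert; an analysis of the IPTV Smarters vulnerability; AMD processors vulnerable to 2 new side-channel attacks; WAGO products containing multiple vulnerabilities; COM exploitation for attacking Windows development environments; and more.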

【Malware】
1. The Lazarus Constellation - A study on North-Korean malware
2. New Variant of TrickBot Being Spread by Word Document
3. Emotet Wi-Fi Spreader Upgraded
4. Monster Lurking in Hidden Excel Worksheet
5. Multiple ransomware families spreading via RDP brute-force attacks; government and enterprise organizations must stay on high alert

【Vulnerability Analysis】
6. IPTV Smarters Exploit: CVE-2020-9380
7. AMD Processors Vulnerable to 2 New Side-Channel Attacks (Take A Way: Exploring the Security Implications of AMD’s Cache Way Predictors)
8. WAGO products contain remote code execution, other vulnerabilities

【Technical Write-ups】
9. CS:GO 0day and some thoughts (aka: why All or Nothing Bug Bounty Programs are Bad)
10. COM-promise: Attacking Windows development environments
11. The unexpected Google wide domain check bypass ($6000)

【Tools】
Tool: Starkiller is a Frontend for PowerShell Empire.
Tool: ntlm-scanner: A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities (CVE-2019-1019/CVE-2019-1040/CVE-2019-1166/CVE-2019-1338)
Tool: Crescendo is a Swift-based, real-time event viewer for macOS. It utilizes Apple’s Endpoint Security Framework.
Tool: saferwall: A hackable malware sandbox for the 21st Century
