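Daily Security News - 2020.5.8

Disclaimer: All content in this article is for study and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law and other relevant laws; in particular, it must not be redistributed or used for malicious purposes. By viewing this article you are deemed to have accepted these terms; otherwise you bear the responsibility yourself.

Today's highlights: analysis of the Hermit (隐士) APT group's latest attack activity in 2020, Cisco SD-WAN vulnerability analysis, bypassing Cisco ASA authentication using Kerberos, reverse engineering a VxWorks OS based router, and more.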

【Malware Section】
1、Naikon APT: Cyber Espionage Reloaded

2、ZLoader 4.0 Macrosheets Evolution

3、Targeted Ransomware Attack Hits Taiwanese Organizations

4、Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents

5、Technical report for Cereals Botnet

6、GoGoogle Decryption Tool

7、Analysis of the Hermit (隐士) APT Group's Latest Attack Activity in 2020
https://www.freebuf.com/articles/network/235010.html

【Vulnerability Analysis Section】
8、Pentesting Cisco SD-WAN Part 2: Breaking routers
https://www.synacktiv.com/posts/pentest/pentesting-cisco-sd-wan-part-2-breaking-routers.html

9、How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability (CVE-2020-0792)

10、Kerberos Exploit Can Bypass Authentication to Cisco ASA (CVE-2020-3125)

11、Hackers are currently attacking vulnerable SaltStack systems – here’s how

【Technical Sharing Section】
12、Reverse Engineering a VxWorks OS Based Router
https://blog.quarkslab.com/reverse-engineering-a-vxworks-os-based-router.html

13、Defeating Windows ASLR via 32-bit shared libraries in 2 hours

14、Using Intel PT for Vulnerability Triaging with IPTAnalyzer

15、A checklist for security testing of Android & iOS applications.
https://mobexler.com/checklist.htm

16、DOM-Based XSS at accounts.google.com by Google Voice Extension.
http://www.missoumsai.com/google-accounts-xss.html

【Tools Section】
#Tool# faxhell: A Bind Shell Using the Fax Service and a DLL Hijack

#Tool# rev_shell.php: The shortest non-alphanumeric reverse shell script (19 bytes)

#Tool# an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11.

#Tool# slack-watchman: Monitoring your Slack workspaces for sensitive information
