每日安全资讯-2020.5.9

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:OceanLotus APT组的Android黑客活动滥用合法证书、DT下载器木马感染2万台电脑,中招后频繁弹广告,主页被锁、检测针对宿主内存的基于外设的攻击、Facebook价值2W美金的DOM XSS等。

【病毒区】
1、Android Campaign from Known OceanLotus APT Group Potentially Older than Estimated, Abused Legitimate Certificate

2、Naikon’s Aria

3、Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents

4、Brazilian trojan banker is targeting Portuguese users using browser overlay

5、DT下载器木马感染2万台电脑,中招后频繁弹广告、主页被锁

【技术分享区】
6、a vulnerability in Safari that allowed unauthorized websites to access your camera on iOS and macOS

7、检测针对宿主内存的基于外设的攻击
https://hardenedlinux.github.io/2020/05/08/2020-01-18-peripheral-based_attack_memory.html

8、The Only Way to Bypass SSL Pinning on iOS 13

9、$20000 Facebook DOM XSS

#工具#DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood.

#工具#Mobexler is a customised virtual machine, based on Elementary OS , designed to help in penetration testing of Android & iOS applications.
https://mobexler.com/

1