Daily Security News - 2020.5.22

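Disclaimer: All content in this article is for study and research purposes only, and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements; in particular, it must not be disseminated or used for malicious purposes. By viewing this article, you are deemed to agree to the above; otherwise, you bear the responsibility yourself.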

Today's highlights: APT15 makes a comeback, an analysis of the CVE-2020-9484 Tomcat RCE vulnerability, an RCE in Google Cloud Deployment Manager, and more.

【Malware Section】
1、The Evolution of APT15’s Codebase 2020
https://www.intezer.com/blog/research/the-evolution-of-apt15s-codebase-2020/

2、Asnarök attackers twice modified attack midstream

3、ZLoader Loads Again: New ZLoader Variant Returns

4、Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia

【Vulnerability Analysis Section】
5、Safe-Linking – Eliminating a 20 year-old malloc() exploit primitive(CVE-2020-6007)

6、CVE-2020-9484 Tomcat RCE Vulnerability Analysis
https://www.sec-in.com/article/394

【Technical Sharing Section】
7、Introduction to Hacking Thick Clients: Part 3 – The File System and Registry

8、360 Releases the "2020 Q1 Mobile Security Status Report"
https://www.anquanke.com/post/id/205982

9、RCE in Google Cloud Deployment Manager($31,337)

#Tool# Kubetap - Intercepting proxies for Kubernetes Services

#Tool# pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

#Tool# WerTrigger: Weaponizing for privileged file writes bugs with Windows Problem Reporting (wermgr.exe)
