每日安全资讯-2020.5.28

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:双枪团伙新动向,借云服务管理数十万僵尸网络、百步穿杨-看我如何在APP中getshell、当防病毒引擎看起来像内核Rootkit时等。

【病毒区】
1、New Attack Combines TinyPOS With Living-off-the-Land Techniques for Scraping Credit Card Data

2、Netwalker ransomware tools give insight into threat actor

3、双枪团伙新动向,借云服务管理数十万僵尸网络
https://www.anquanke.com/post/id/206898

【漏洞分析区】
4、Buffer Overflow Leading to Code Execution in Left4Dead 2

【技术分享区】
5、百步穿杨-看我如何在APP中getshell

6、File-Squatting Exploitation by Example

7、When Anti-Virus Engines Look Like Kernel Rootkits

8、RCE on Windows from Linux Part 4: Keimpx

9、How Android’s UI Security is Undermined by Accessibility
https://www.cs1.tf.fau.de/research/system-security-and-software-protection-group/how-androids-ui-security-is-undermined-by-accessibility/

#工具#naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner.

1