每日安全资讯-2020.6.17

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:新的Java STRRAT随附.crimson勒索软件模块、Composr CMS反序列化导致的RCE、SMBleedingGhost-未认证的内存读取为RCE做准备、Ripple20-Treck TCP/IP堆栈中的缺陷使数以百万计的IoT设备受到攻击、.Net运行时中的多个反序列化漏洞、允许完全系统接管的Plex Media Server漏洞、MS Windows OLE远程执行代码漏洞、使用Cobalt Strike的跳转命令制作AMSI跳转bypass AMSI、我是如何利用Jolokia CVE赚了超过$30K赏金的等。

【病毒区】
1、New Java STRRAT ships with .crimson ransomware module

2、New Mac malware reveals Google searches can be unsafe

【漏洞分析区】
3、Composr CMS Remote Code Execution

4、SMBleedingGhost Writeup Part II: Unauthenticated Memory Read - Preparing the Ground for an RCE

5、Ripple20: Flaws in Treck TCP/IP Stack Expose Millions of IoT Devices to Attacks

6、Multiple deserialization vulnerabilities in the .Net runtime
https://modzero.com/modlog/archives/2020/06/16/mz-20-03_-_new_security_advisory_regarding_vulnerabilities_in__net/index.html

7、Plex fixes Media Server bugs allowing full system takeover(CVE-2020-5740,CVE-2020-5741,CVE-2020-5742)

8、MS Windows OLE Remote Code Execution Vulnerability (CVE-2020-1281)

【技术分享区】
9、Making AMSI Jump-Circumventing AMSI from Cobalt Strike’s jump command.

10、Analysis of Google Keep WebAssembly module

11、Introduction to Hacking Thick Clients: Part 5 – The API

12、The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

13、How I made more than $30K with Jolokia CVEs
https://blog.it-securityguard.com/how-i-made-more-than-30k-with-jolokia-cves/

#工具#Announcing RTSPhuzz – An RTSP Server Fuzzer

1