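Daily Security News - 2020.6.19

Statement: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements; in particular, spreading it or using it for non-benign purposes is prohibited. By viewing this article you are deemed to accept the above terms; otherwise, you bear the responsibility yourself.

Today's highlights: password tool Mimikatz becomes a weapon for crime as mining trojan Tor2Mine infects a large number of compromised "zombie miner" hosts; the "Greedy Snake" mining trojan upgrades its privilege-escalation tools, increasing the threat to enterprise networks; multiple software products ship with built-in backdoors that can monitor and arbitrarily control users' computers; GOG Galaxy Client local privilege escalation; an introduction to Azure AD for penetration testers; and more.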

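【Malware】
1. Cobalt: tactics and tools update

2. Digging up InvisiMole’s hidden arsenal

3. Office 365 Phishing Campaign Exploits Samsung, Adobe and Oxford Servers

4. Password tool Mimikatz becomes a weapon for crime: mining trojan Tor2Mine infects a large number of compromised "zombie miner" hosts

5. "Greedy Snake" mining trojan upgrades its privilege-escalation tools, increasing the threat to enterprise networks

6. Multiple software products ship with built-in backdoors that can monitor and arbitrarily control users' computers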

【Vulnerability Analysis】
7. GOG Galaxy Client Local Privilege Escalation
https://www.positronsecurity.com/blog/2020-04-28-gog-galaxy-client-local-privilege-escalation/

8. Cisco WebEx Memory for the Taking: CVE-2020-3347
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cisco-webex-memory-for-the-taking-cve-2020-3347/

【Technical Sharing】
9. Azure AD introduction for red teamers
https://www.synacktiv.com/posts/pentest/azure-ad-introduction-for-red-teamers.html

10. Introduction to Hacking Thick Clients: Part 6 – The Memory

11. Adventures in Phishing Email Analysis

12. Hacking Industry 4.0 With CNC Vulnerabilities

13. OAuth redirect_uri bypass using IDN homograph attack resulting in user’s access token leakage ($1,000)

#Tool# ADSearch: A tool written for cobalt-strike’s execute-assembly command that allows for more efficient querying of AD.

#Tool# The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules.

#Tool# exynos-usbdl: unsigned code loader for Exynos BootROM
