每日安全资讯-2020.6.29

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:DzMLT在Docker容器映像中隐藏了加密矿工、XORDDoS,Kaiji Botnet恶意软件以暴露的Docker服务器为目标、死神矿工(ThanatosMiner)利用BlueKeep高危漏洞攻击传播的挖矿木马、SMBleedingGhost编写第三部分-从远程读取(SMBleed)到RCE、1次点击的Meterpreter利用链与BeEF和AV/AMSI绕过等。

【病毒区】
1、DzMLT has Hidden Cryptominers in Container Images

2、XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers

3、死神矿工(ThanatosMiner)利用BlueKeep高危漏洞攻击传播的挖矿木马

【技术分享区】
4、SMBleedingGhost Writeup Part III: From Remote Read (SMBleed) to RCE

5、APC Series: KiUserApcDispatcher and Wow64
https://repnz.github.io/posts/apc/wow64-user-apc/

6、Vulnserver Exploit vs Windows Defender Exploit Guard

7、1-click meterpreter exploit chain with BeEF and AV/AMSI bypass

8、Almost everything about Browser Security for Beginners Part-1

9、Almost everything about Browser Security for beginners- Part2

10、SecWiki周刊(2020/06/22-2020/06/28)
https://www.sec-wiki.com/weekly/330

#工具#angle-grinder:Slice and dice logs on the command line

#工具#checkm8 port for S5L8940X/S5L8942X/S5L8945X based on Arduino and MAX3421E-based USB Host Shield

1