Daily Security News - 2020.7.3

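Disclaimer: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements. In particular, distributing it or using it for malicious purposes is prohibited. By viewing this article you are deemed to have agreed to the above terms; otherwise you bear the responsibility yourself.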

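Today's highlights: the “道贼” (Daozei) SDK: exposing a malicious marketing plugin that controls millions of Android phones; an analysis report on the SWEED hacking group's attack campaigns; critical Apache Guacamole flaws put remote desktops at risk of hacking; macOS Installer local privilege escalation; a deep dive into Samsung's TrustZone (Part 3); nine attacks against RMI services (Part 2); and more.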

【Malware】
1、Fakespy masquerades as postal service apps around the world

2、MyKings botnet operators made significant changes to their infrastructure.

3、PhishINvite with Malicious ICS Files
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/phishinvite-with-malicious-ics-files/

4、The “道贼” (Daozei) SDK: Exposing a Malicious Marketing Plugin That Controls Millions of Android Phones

5、Analysis Report on the SWEED Hacking Group's Attack Campaigns

【Vulnerability Analysis】
6、Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking (CVE-2020-9497,CVE-2020-9498)

7、macOS Installer Local Root Privilege Escalation (CVE-2020-9817)

8、FDEU-CVE-2019-10222-telia savitarna backdoor
https://full-disclosure.eu/reports/2019/FDEU-CVE-2019-10222-telia-savitarna-backdoor.html

【Technical Sharing】
9、A Deep Dive Into Samsung’s TrustZone (Part 3)
https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-3.html

10、Windows Telemetry service elevation of privilege

11、.NET Core Evasion Detection

12、Nine Attacks Against RMI Services - Part 2
https://xz.aliyun.com/t/7932

13、10 Years of Linux Security - A Report Card

14、Story of a 2.5k Bounty — SSRF on Zimbra Led to Dump All Credentials in Clear Text

15、Story of stealing mail conversation, contacts in mail.ru and myMail iOS applications via XSS
https://medium.com/@kminthein/story-of-stealing-mail-conversation-contacts-in-mail-ru-and-mymail-ios-applications-via-xss-1e49c4ed560

#Tool# kAFL: HW-assisted Feedback Fuzzing for x86 Kernels

#Tool# SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.

#Tool# WMIHACKER (AV-evading lateral movement using only port 135)