Daily Security News - 2020.7.15

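Disclaimer: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements; in particular, distributing it or using it for malicious purposes is prohibited. By viewing this article you are deemed to have accepted the above terms; otherwise you bear the responsibility yourself.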

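Today's highlights: Deep Analysis of QBot, Part II; SIGRed, a 17-year-old vulnerability in Windows DNS servers; Microarchitectural Data Sampling (MDS), a set of hardware vulnerabilities in Intel CPUs that allows an attacker to sample data loads and stores across various security boundaries; analysis of Sophos XG N-Day and 0-Day vulnerabilities; Internet Explorer CVE-2019-1367 exploitation; and more.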

【Malware】
1. GoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-4-goldenhelper-malware-embedded-in-official-golden-tax-software/

2. Deep Analysis of a QBot Campaign - Part II

3. The Tetrade: Brazilian banking malware goes global

【Vulnerability Analysis】
4. SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers

5. Microarchitectural Data Sampling (MDS) is a set of hardware vulnerabilities in Intel CPUs that allows an attacker to sample data loads and stores across various security boundaries (CVE-2018-12126)

#Tool# POC of MSBDS (CVE-2018-12126) on ICL

7. Tenda AC15 AC1900 Vulnerabilities Discovered and Exploited

8. LibreHealth Version 2.0.0 - Multiple High-Risk CVEs

9. Sophos XG - A Tale of the Unfortunate Re-engineering of an N-Day and the Lucky Find of a 0-Day (CVE-2020-12271/CVE-2020-15504)

10. Multiple vulnerabilities in RemoteFX affects, AMD, Intel chips

11. Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root (CVE-2020-14724)
http://www.vapidlabs.com/advisory.php?v=212

【Technical Sharing】
12. Internet Explorer CVE-2019-1367 Exploitation — part 2

13. Internet Explorer CVE-2019-1367 Exploitation — part 3

#Tool# Talon: A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory
