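Daily Security News - 2020.7.23

Disclaimer: All content in this article is for learning and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements; in particular, it must not be disseminated or used for malicious purposes. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.

Today's highlights: the WatchBogMiner trojan spreads by exploiting vulnerabilities and has taken control of tens of thousands of Linux servers for mining; an HTML sanitization bypass in Ruby Sanitize < 5.2.1; decrypting DLINK proprietary firmware images; privilege escalation in Salesforce using APEX; bypassing Windows Defender Antivirus in Windows Server 2016/2019; Timeless Timing Attacks: exploiting concurrency to leak secrets over remote connections; and more.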

【Malware】
1. MATA: Multi-platform targeted malware framework

2. Prometei botnet and its quest for Monero

3. WatchBogMiner trojan spreads by exploiting vulnerabilities and has taken control of tens of thousands of Linux servers for mining

【Vulnerability Analysis】
4. AVAST SecureLine VPN - Arbitrary File Creation Vulnerability

5. HTML sanitization bypass in Ruby Sanitize < 5.2.1 (CVE-2020-4054)

6. Decrypting DLINK Proprietary Firmware Images
https://nstarke.github.io/0036-decrypting-dlink-proprietary-firmware-images.html

7. CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 1/2

8. CVE-2019-1172 Disclosure of Azure AD personal account auth token to malicious websites when using the recommended browser extension 2/2

【Technical Sharing】
9. Abusing Privilege Escalation in Salesforce Using APEX
https://cloudsecurityalliance.org/blog/2020/07/16/abusing-privilege-escalation-in-salesforce-using-apex/

10. Bypassing Windows Defender Antivirus in Windows Server 2016/2019

11. Abusing Azure AD SSO with the Primary Refresh Token

12. Towards native security defenses for the web ecosystem in Chrome

13. Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections

#Tool# Depthcharge is a toolkit designed to support security research and “jailbreaking” of embedded platforms using the U-Boot bootloader.

#Tool# Kubernetes CVE-2020-8559 Proof of Concept PoC Exploit

#Tool# Apache Kylin remote command execution vulnerability PoC (CVE-2020-13925)

#Tool# RpcSsImpersonator: Privilege Escalation Via RpcSs svc
