Daily Security News - 2020.8.5

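Disclaimer: All content in this article is for learning and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law and other relevant laws; in particular, it must not be disseminated or used for malicious purposes. By viewing this article you are deemed to have accepted the above terms; otherwise you bear the responsibility yourself.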

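Today's highlights: the TeamTNT group attacks Docker hosts and implants cryptomining trojans; OpenFire arbitrary file read and unauthenticated SSRF vulnerabilities; Behinder (冰蝎), from getting started to custom modification (continued); and more.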

【Malware】
1、Take a “NetWalk” on the Wild Side

2、An API Worm In The Making: Thousands Of Secrets Found In Open S3 Buckets.

3、Dridex – From Word to Domain Dominance

4、Unveiling Fin7/Carbanak Part 1-Tirion

5、The TeamTNT group launches an attack campaign against Docker hosts, implanting cryptomining trojans

【Vulnerability Analysis】
6、Technical analysis: CVE-2020-15654 and a history of Firefox “Browser Lock” bugs

7、OpenFire allows to get Arbitrary File Read and Unauthenticated Full Read SSRF via its 9090 and 9091 ports (CVE-2019-18393 & CVE-2019-18394).

8、Exploiting SKYSEA Activity Monitor (CVE-2020-5617)
https://acru3l.github.io/2020/08/03/exploiting-activity-monitor-driver/

9、Exploiting Android Messengers with WebRTC: Part 1 (CVE-2020-6389/CVE-2020-6387)

【Technical Sharing】
10、Behinder (冰蝎): From Getting Started to Custom Modification (Continued)
https://www.anquanke.com/post/id/212739

11、MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle

12、Inside Microsoft Threat Protection-Solving cross-domain security incidents through the power of correlation analytics

13、Kerberoasting: A Blue Team Perspective

14、Generic vulnerability discovery based on cyberspace search engines
https://paper.seebug.org/1282/

15、Vulnerability in new TouchID feature put iCloud accounts at risk of being breached

#Tool#TelemetrySourcerer: Enumerate and disable common sources of telemetry used by AV/EDR.

#Tool#pe_tree: BlackBerry open sources malware analysis tool

#Tool#Privilege-Escalation: This cheatsheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
https://github.com/Ignitetechnologies/Privilege-Escalation

#Tool#Momo (陌陌) open-sources the MOSEC-X-PLUGIN series of plugins