每日安全资讯-2020.8.10

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:Muhstik僵尸网络大肆攻击国内云服务器,已有数千台服务器失陷、包含“backdoor”字样的英特尔泄露代码的初步分析、英特尔,ARM,IBM,AMD处理器容易受到新的侧通道攻击-Foreshadow、vBulletin CVE-2019-16759绕过、Ghostscript SAFER沙箱突破、SAP 漏洞利用教程三部曲、梅赛德斯·奔驰的安全性研究-从硬件到汽车控制等。

【病毒区】
1、Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach

2、Muhstik僵尸网络大肆攻击国内云服务器,已有数千台服务器失陷

3、包含“backdoor”字样的英特尔泄露代码的初步分析

【漏洞分析区】
4、Exploiting vBulletin: “A Tale of Patch Fail”
https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail/

5、Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks-Foreshadow

6、Smear phishing: a new Android vulnerability(Won’t Fix (Infeasible))

7、HTTP Response Header Injection in Swoole<=4.5.2
https://blog.cal1.cn/post/HTTP%20Response%20Header%20Injection%20in%20Swoole<%3D4.5.2

8、Ghostscript SAFER Sandbox Breakout (CVE-2020-15900)
https://insomniasec.com/blog/ghostscript-cve-2020-15900

9、CVE-2020-6007: Infiltrating your home network using a malicious ZigBee lightbulb

10、OneThink前台注入分析
https://xz.aliyun.com/t/8081

【技术分享区】
11、Cases where removal of proto cannot prevent prototype pollution of Node.js
https://knqyf263.hatenablog.com/entry/2020/08/09/234544

12、Arbitrary Parentheses-less XSS-against strict CSP policies

13、Hacking Zoom: Uncovering Tales of Security Vulnerabilities in Zoom

14、Bypassing internet connectivity and copy-paste restriction to Infiltrating malicious data

15、SAP Exploitation – Part 1

16、SAP Exploitation – Part 2

17、SAP Exploitation – Part 3

18、Security Research on Mercedes-Benz: From Hardware to Car Control

19、TLS Poison

20、Using Google Colaboratory For Bug Hunting

21、Android Application Exploitation

22、SecWiki周刊(2020/07/27-2020/08/02)
https://www.sec-wiki.com/weekly/335

#工具#FileMonitor:文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)