每日安全资讯-2020.8.12

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日到底:绿斑组织近期APT攻击活动的分析报告、PrintDemon漏洞绕过、Windows Type1字体处理远程代码执行漏洞在野POC分析、iOS蓝牙堆栈中的Apple Picking等。

【病毒区】
1、New Gorgon APT (Pakistan) attacks targeting the Indian SMB sector

2、安天针对绿斑组织近期APT攻击活动的分析报告
https://mp.weixin.qq.com/s/uNL6YvKDxkN4qDgATSuCDA

【漏洞分析区】
3、Just another Null Byte Poison via Unicode variant (MuPDF mutool RCE)
https://gynvael.coldwind.pl/?id=732

4、CVE-2020-1337 – PrintDemon is dead, long live PrintDemon!
https://voidsec.com/cve-2020-1337-printdemon-is-dead-long-live-printdemon/

#工具#CVE-2020-1048 bypass: binary planting PoC

#工具#PoC for CVE-2020-1337 Windows Print Spooler Privilege Escalation

7、Windows: AppContainer Enterprise Authentication Capability Bypass(CVE-2020-1509)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2039

8、CVE-2020-0938:Windows Type1字体处理远程代码执行漏洞在野POC分析​

【技术分享区】
9、Defending Your Malware-how using offensive API hooking and syscalls can help you to evade EDR solutions monitoring and reporting capabilities.
https://labs.jumpsec.com/2020/08/11/defending-your-malware/

10、ToothPicker: Apple Picking in the iOS Bluetooth Stack
https://www.usenix.org/conference/woot20/presentation/heinze

#工具#ToothPicker is an in-process, coverage-guided fuzzer for iOS.

12、Debugging into .NET
https://blog.xpnsec.com/debugging-into-net/

13、NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit

#工具#nfcgate:An NFC research toolkit application for Android

15、Creating a Custom Root by Patching SuperSU
https://nikola.dev/posts/2020-08-10/creating_a_custom_root_by_patching_supersu

16、Zero Trust Architecture
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf

#工具#Ciphey:Automated decryption tool

#工具#Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting.

#工具#Blizzard-Jailbreak:An Open-Source iOS 11.0 to 11.4.1 Jailbreak.