Daily Security News - 2020.8.14

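Statement: All content in this article is for study and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law and other relevant laws; in particular, it is forbidden to disseminate it or use it for malicious purposes. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.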

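Today's highlights: Drovorub, APT28's Swiss-army knife for hacking Linux; the North Korean hackers' "Dream Job" operation; local privilege escalation in EVGA Precision X1; how Kuaishou got rid of Fastjson; and more.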

【Malware】
1、CactusPete APT group’s updated Bisonal backdoor

2、Drovorub — APT28’s swiss-army knife for hacking Linux

3、RedCurl cybercrime group has hacked companies for three years

4、Case Study: Catching a Human-Operated Maze Ransomware Attack In Action

5、Operation ‘Dream Job’ Widespread North Korean Espionage Campaign
https://www.clearskysec.com/operation-dream-job/

【Vulnerability Analysis】
6、Android: App zygotes don’t properly guard against UID reuse attacks; leak AID_READPROC; expose mlstrustedsubject
https://bugs.chromium.org/p/project-zero/issues/detail?id=2041

7、CVE-2020-14979: Local Privilege Escalation in EVGA Precision X1
https://posts.specterops.io/cve-2020-14979-local-privilege-escalation-in-evga-precisionx1-cf63c6b95896

8、PHPYUN recruitment system: a logic flaw caused by the abnormal use of a normal function
http://www.bugsafe.cn/archives/278.html

【Technical Sharing】
9、“ENE Technology Inc” - vulnerable drivers global provider

10、Spectre V1 in userland
https://blog.amossys.fr/spectre-v1-userland.html

11、How Kuaishou got rid of Fastjson

#Tool# Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift.
