Daily Security News - 2020.9.3

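Statement: All content in this article is for learning and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements. In particular, it must not be disseminated or used for malicious purposes. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.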

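Today's highlights: Cerberus banking trojan analysis, Cisco Jabber RCE vulnerabilities, JITSploitation JIT bug analysis, inconsistent behavior of Go's CGI and FastCGI transport that may lead to XSS, a cloud firewall management API SNAFU that put 500k SonicWall customers at risk, privilege escalation in AWS Elastic Kubernetes Service (EKS), and more.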

【Malware】
1. Cerberus Banking Trojan Analysis

2. Epic Manchego – atypical maldoc delivery brings flurry of infostealers

3. ThiefBot: A New Android Banking Trojan Targeting Turkish Banking Users

【Vulnerability Analysis】
4. Operation PowerFall: CVE-2020-0986 and variants

5. CVE-2020-0986: Windows splwow64 Untrusted Pointer Dereference

6. Critical Wormable RCE Vulnerability Discovered in Cisco Jabber (CVE-2020-3495, CVE-2020-3430, CVE-2020-3537 & CVE-2020-3498)

7. JITSploitation I: A JIT Bug

8. JITSploitation II: Getting Read/Write

9. JITSploitation III: Subverting Control Flow (CVE-2020-9802, CVE-2020-9870, CVE-2020-9910)

10. Inconsistent Behavior of Go’s CGI and FastCGI Transport May Lead to Cross-Site Scripting (CVE-2020-24553)

11. Java Buffer Overflow with ByteBuffer (CVE-2020-2803) and Mutable MethodType (CVE-2020-2805) Sandbox Escapes

12. HID ActivID Mobile Soft Token Vulnerabilities

13. Cloud firewall management API SNAFU put 500k SonicWall customers at risk
https://www.pentestpartners.com/security-blog/cloud-firewall-management-api-snafu-put-500k-sonicwall-customers-at-risk/

14. Maltego XXE Analysis (CVE-2020-24656)

【Technical Sharing】
15. Lock screen/Bitlocker bypass/elevation of privilege in Bitlocker

16. Privilege Escalation in AWS Elastic Kubernetes Service (EKS) by compromising the instance role of worker nodes

#Tool# TukTuk is an open source tool designed to make pentester’s life easier by catching and logging different types of requests.