每日安全资讯-2020.9.8

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

【病毒区】
1、OpBlueRaven: Unveiling Fin7/Carbanak - Part II : BadUSB Attacks

【技术分享区】
2、Google CTF 2020 teleport Chromium sandbox escape
https://trungnguyen1909.github.io/blog/post/GGCTF20/

3、ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow
http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/

4、ARM64 Reversing and Exploitation Part 2 - Use After Free
http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-2-use-after-free/

5、ARM64 Reversing and Exploitation Part 3 - A Simple ROP Chain
http://highaltitudehacks.com/2020/09/06/arm64-reversing-and-exploitation-part-3-a-simple-rop-chain/

6、From Android Static Analysis to RCE on Prod

#工具#Tafferugli is a Twitter Analysis Framework