Daily Security News - 2020.9.9

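Disclaimer: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements. In particular, it is prohibited to disseminate it or use it for malicious purposes. By viewing this article you are deemed to have agreed to the above; otherwise you bear the responsibility yourself.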

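Today's highlights: ShadowPad - new Winnti hacking activity; WSUS Attacks Part 2 - CVE-2020-1013, a Windows 10 local privilege escalation 1-day; insecure registry export leading to privilege escalation; h2c smuggling - request smuggling via HTTP/2 cleartext; and more.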

[Malware Section]
1. ShadowPad: New Winnti Group Activity

2. Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks

[Vulnerability Analysis Section]
3. GitLab: SSRF into Shared Runner, by replacing dockerd with malicious server in Executor ($2,000)

4. WSUS Attacks Part 2: CVE-2020-1013 a Windows 10 Local Privilege Escalation 1-Day

5. Academics find crypto bugs in 306 popular Android apps, none get patched
https://www.computer.org/csdl/pds/api/csdl/proceedings/download-article/1mbmHwIxTb2/pdf

6. Windows: CloudExperienceHostBroker Unsafe COM Object EoP (CVE-2020-1471)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2051

7. Attacking the Qualcomm Adreno GPU

8. Insecure registry export - Escalation of Privilege (CVE-2020-0989)

[Technical Sharing Section]
9. h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)

10. Abusing dynamic groups in Azure AD for privilege escalation
https://www.mnemonic.no/blog/abusing-dynamic-groups-in-azure/

11. RoguePotato on Remote

12. Extracting and Diffing Windows Patches in 2020
https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html

13. Research Report on Black and Gray Market Activity in the Mobility Industry, First Half of 2020

#Tool# git-dumper: A tool to dump a git repository from a website

#Tool# SonarSearch: A MongoDB importer and API for Project Sonars DNS datasets
