每日安全资讯-2020.9.11

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:CDRThief针对Linux VoIP软交换的攻击、Linux上的针对性攻击和APT、Mykings僵尸网络新变种通过PcShare远程控制,已感染超5万台电脑挖矿、Microsoft Exchange Server DlpUtils AddTenantDlpPolicy远程代码执行漏洞、Microsoft Hyper-V多个漏洞分析、一部手机失窃而揭露的窃取个人信息实现资金盗取的黑色产业链等。

【病毒区】
1、Who is calling? CDRThief targets Linux VoIP softswitches

2、An overview of targeted attacks and APTs on Linux

3、Java Network Launch Protocol - Another way for distributing Java downloaders

4、Mykings僵尸网络新变种通过PcShare远程控制,已感染超5万台电脑挖矿

【漏洞分析区】
5、Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution Vulnerability(CVE-2020-16875)
https://srcincite.io/advisories/src-2020-0019/

6、Android WebView: iframe on different origin can execute arbitrary JavaScript in top document via window.open() or links with _blank target
https://bugs.chromium.org/p/chromium/issues/detail?id=1083819

7、The hunt for vulnerability: executing arbitrary code on NVIDIA GeForce NOW virtual machines

8、Microsoft Hyper-V Stack Overflow Denial of Service(CVE-2020-0751)
https://labs.bluefrostsecurity.de/advisories/bfs-sa-2020-001/

9、Microsoft Hyper-V Type Confusion leading to Arbitrary Memory Dereference(CVE-2020-0904)
https://labs.bluefrostsecurity.de/advisories/bfs-sa-2020-003/

10、Microsoft Hyper-V NULL Pointer Dereference Denial of Service(CVE-2020-0890)
https://labs.bluefrostsecurity.de/advisories/bfs-sa-2020-002/

【技术分享区】
11、360lock Smart Lock Review
https://www.pentestpartners.com/security-blog/360lock-smart-lock-review/

12、Fuzzing JavaScript Engines with Fuzzilli
https://blog.doyensec.com/2020/09/09/fuzzilli-jerryscript.html

13、From a C project, through assembly, to shellcode

14、Examining the August Smart Lock
https://blog.quarkslab.com/examining-the-august-smart-lock.html

15、一部手机失窃而揭露的窃取个人信息实现资金盗取的黑色产业链

16、盗窃手机盗刷银行卡黑色产业链案件之后续进展

#工具#StreamDivert is a tool to man-in-the-middle or relay in and outgoing network connections on a system.