每日安全资讯-2020.9.17

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:RedDelta恢复运营、针对蓝牙低功耗中的重新连接的欺骗攻击BLESA、潜在的容器逃逸漏洞、构建自定义的Mimikatz二进制文件、攻防演练之柳暗花明又一村等。

【病毒区】
1、Partners in crime: North Koreans and elite Russian-speaking cybercriminals

2、Back Despite Disruption: RedDelta Resumes Operations

【漏洞分析区】
3、BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy

4、Backdoors and other vulnerabilities in HiSilicon based hardware video encoders

5、Potential container escape vulnerability with CVE-2020-14386
https://www.openwall.com/lists/oss-security/2020/09/03/3

6、CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and EmailsPermalink

7、Bypassing Flash Encryption (CVE-2020-15048)
https://raelize.com/posts/espressif-systems-esp32-bypassing-flash-encryption/

【技术分享区】
8、Tor 0day: Finding IP Addresses
https://www.hackerfactor.com/blog/index.php?/archives/896-Tor-0day-Finding-IP-Addresses.html

9、Building a custom Mimikatz binary
https://s3cur3th1ssh1t.github.io/Building-a-custom-Mimikatz-binary/

10、Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables

11、MemFuck: Bypassing User-Mode Hooks
https://winternl.com/memfuck/

12、攻防演练之柳暗花明又一村
https://www.freebuf.com/articles/network/249377.html

#工具#OneFuzz - A self-hosted Fuzzing-As-A-Service platform by Microsoft

#工具#Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/Vulnerable packages on the container

#工具#PoC for Zerologon

#工具#.net版Zerologon

#工具#Poc for CVE-2020-15505 - RCE on MobileIron MDM

1