Daily Security News - 2020.10.9

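Disclaimer: All content in this article is for learning and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law and other relevant laws; in particular, it must not be disseminated or used for non-benign purposes. By viewing this article you are deemed to have accepted these terms; otherwise you bear the responsibility yourself.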

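Today's highlights: sophisticated new Android malware marks the latest evolution of mobile ransomware, HashiCorp authentication issues, analysis of an RCE vulnerability in KensingtonWorks, analysis of the HP Device Manager vulnerabilities, three months of hunting Apple vulnerabilities that earned a large amount in bounties, arbitrary code execution on Facebook for Android through the download feature, and more.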

【Malware】
1、MontysThree: Industrial espionage with steganography and a Russian accent on both sides

2、Sophisticated new Android malware marks the latest evolution of mobile ransomware

3、APT‑C‑23 group evolves its Android spyware

【Vulnerability Analysis】
4、CVE-2019-0230: Apache Struts OGNL Remote Code Execution

5、Enter the Vault: Authentication Issues in HashiCorp Vault

6、Another RCE vulnerability in KensingtonWorks

7、HP Device Manager – CVE-2020-6925, CVE-2020-6926, CVE-2020-6927

8、Race Condition vulnerability in handling of PID by apport CVE-2020-15702
https://flattsecurity.hatenablog.com/entry/2020/09/30/130844

【Technical Write-ups】
9、We Hacked Apple for 3 Months: Here’s What We Found

10、Two vulnerabilities on Microsoft Azure App Service (EoP and SSRF->RCE/LFI).

11、PowerShell Logging: Obfuscation and Some New(ish) Bypasses Part 2

12、Red Team TTPs Part 2: PUSH 0xPE, CALL 0xLOADER
https://0xdarkvortex.dev/index.php/2020/10/08/red-team-ttps-part-2-push-0xpe-call-0xloader/

13、From LNK to (actually not) RCE: Finding bugs in Windows Shell Link Parser

14、How to attack distributed machine learning via online training
https://labs.f-secure.com/blog/how-to-attack-distributed-machine-learning-via-online-training/

15、.NET Grey Box Approach: Source Code Review & Dynamic Analysis
https://voidsec.com/net-grey-box-approach-source-code-review/

16、Web-Based Sandbox Environments Offer Minimal Friction for Credential Phishers

17、HTTP Host header attacks

18、WooYun Drops articles: online browsing
https://wooyun.js.org/

19、Arbitrary code execution on Facebook for Android through download feature

20、Google bug bounty: XSS to Cloud Shell instance takeover (RCE as root) - $5,000 USD
https://omespino.com/write-up-google-bug-bounty-xss-to-cloud-shell-instance-takeover-rce-as-root-5000-usd/