Daily Security News - 2020.11.10

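Disclaimer: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements. In particular, distributing it or using it for malicious purposes is prohibited. By viewing this article you are deemed to have accepted the above terms; otherwise you bear the responsibility yourself.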

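Today's highlights: the npm package Discord.dll was found stealing sensitive Discord and browser files; GoldenEyeDog (金眼狗) group watering-hole campaign: targeted attacks against Telegram users; extraordinary vulnerabilities discovered in TCL Android TVs; Netgear upnpd ssdp request process stack overflow POC (tianfucup); from entering the intranet through the gateway to egress over the DNS protocol; and more.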

【Malware Section】
1、Npm package Discord.dll caught stealing sensitive Discord and browser files

2、Ghimob: a Tétrade threat actor moves to infect mobile devices

3、When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777
https://unit42.paloaltonetworks.com/vatet-pyxie-defray777/

4、TinyPOS and ProLocker: An Odd Relationship
https://norfolkinfosec.com/tinypos-and-prolocker-an-odd-relationship/

5、OceanLotus: Extending Cyber Espionage Operations Through Fake Websites
https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/

6、Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

7、GoldenEyeDog (金眼狗) group watering-hole campaign: targeted attacks against Telegram users

【Vulnerability Analysis Section】
8、Extraordinary Vulnerabilities Discovered in TCL Android TVs, Now World’s 3rd Largest TV Manufacturer.

9、Silver Peak Unity Orchestrator RCE

10、Netgear upnpd ssdp request process stack overflow poc(tianfucup)

11、Bypassing Naxsi filtering engine
https://www.synacktiv.com/publications/bypassing-naxsi-filtering-engine.html

【Technical Sharing Section】
12、xxl-job scheduling platform: from the official documentation to a 0day discovery approach
https://www.freebuf.com/articles/web/253938.html

13、From entering the intranet through the gateway to egress over the DNS protocol

14、Booting a macOS Apple Silicon kernel in QEMU

15、WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques

16、Facebook DOM Based XSS using postMessage($25K)
https://ysamm.com/?p=493

#Tools# Pigasus is an Intrusion Detection and Prevention System (IDS/IPS)
