Daily Security News - 2019.12.5

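Statement: All content in this article is for study and research purposes only and must not violate the Cybersecurity Law, the Criminal Law or other relevant requirements; in particular, it must not be disseminated or used for non-benign purposes. By viewing this article you are deemed to have agreed to the above; otherwise you bear the responsibility yourself.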

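Today's highlights: the ZeroCleare hacking campaign against the Middle East energy sector; “sensational news, pretty girls” turn out to be a remote-access trojan, and one careless click turns the PC into a “Tiger” miner; the latest PowerGhost mining malware variant infects multiple provinces; an OpenBSD authentication bypass (smtpd, ldapd and radiusd; the actual impact still needs analysis); an article that walks you through HTTP Smuggling attacks; processing U-Boot binary stream files with IDA; and more.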

【Malware】
1、New Destructive Wiper “ZeroCleare” Targets Energy Sector in the Middle East
2、Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
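3、Tentacles Reaching into Central Asia: Analysis of the DustSquad APT Group's Activity Targeting Uzbekistan
4、“Sensational news, pretty girls” turn out to be a remote-access trojan: one careless click and the PC becomes a “Tiger” miner
5、Fileless attack on both Windows and Linux: latest variant of the PowerGhost mining malware infects multiple provinces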

【Vulnerability Analysis】
6、An authentication-bypass vulnerability in OpenBSD’s authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd (its real-world impact should be studied on a case-by-case basis)
7、CVE-2019-8805 - A macOS Catalina privilege escalation
8、CVE-2019-1256 (Windows Kernel): Null Pointer Deref in the GradientFill function in win32kfull.sys
9、Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)

【Technical Sharing】
10、Your HP Printer is connecting to FakeUrl1234.com and you don’t even know it
11、Excelerating Analysis – Tips and Tricks to Analyze Data with Microsoft Excel
12、CSS Injection Primitives
13、Understanding HTTP Smuggling Attacks in One Article
14、Winning the Interface War: Extracting Information from Electronic Devices with the SEC Xtractor
15、Processing U-Boot Binary Stream Files with IDA
16、Mobile Application Pentesting - Part 1
17、Mobile Application Pentesting - Part 2
18、Mobile Application Pentesting - Part 3
19、Mobile Application Pentesting - Part 4
20、Mobile Application Pentesting - Part 5
21、Mobile Application Pentesting - Part 6
22、APT review: what the world’s threat actors got up to in 2019 (Kaspersky)
