
[Knowledge] September 20 – Daily Security Knowledge Hotspots



童話


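Highlights: Google urges vigilance against government-backed hacker attacks; printer security explained in detail; CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP; CVE-2017-3085: running in the remote sandbox, an Adobe Flash vulnerability that leaks Windows user credentials; Active Directory access control lists; browser security white papers; common WiFi attacks and how to detect them; The PYPI Python Package Hack; Microsoft Edge: memory corruption with partial page loading vulnerability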

Domestic hot topics (some of the content below comes from http://www.solidot.org/ )


Google urges vigilance against government-backed hacker attacks

Equifax was already breached once in March of this year

News:


CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP

http://www.openwall.com/lists/oss-security/2017/09/19/1 

Technical:


New Android trojan targets more than 60 banks and social apps

https://clientsidedetection.com/new_android_trojan_targeting_over_60_banks_and_social_apps.html 

Printer security explained in detail

https://0x00sec.org/t/an-introduction-to-printer-exploitation-1/3565/1 

CVE-2017-3085: running in the remote sandbox, an Adobe Flash vulnerability that leaks Windows user credentials

https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/ 

smbmap: a tool for SMB enumeration

https://github.com/ShawnDEvans/smbmap 

Remote system vulnerability analysis: WebSploit Toolkit

https://n0where.net/remote-system-vulnerability-analysis/ 

Exploring compilation from TypeScript to WebAssembly

https://medium.com/web-on-the-edge/exploring-compilation-from-typescript-to-webassembly-f846d6befc12 

Active Directory access control lists – attacks and defense

https://blogs.technet.microsoft.com/enterprisemobility/2017/09/18/active-directory-access-control-list-attacks-and-defense/ 

Detecting debuggers by abusing a bad assumption in Windows

http://www.triplefault.io/2017/08/detecting-debuggers-by-abusing-bad.html 

Bluetooth vulnerability affects all major operating systems

https://hackaday.com/2017/09/14/bluetooth-vulnerability-affects-all-major-os/ 

Browser security white papers

https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf 

https://cure53.de/browser-security-whitepaper.pdf 

How to optimize ssdeep comparisons with ElasticSearch

http://www.intezer.com/intezer-community-tip-ssdeep-comparisons-with-elasticsearch/ 

Epson vulnerability: EasyMP projector takeover

https://rhinosecuritylabs.com/research/epson-easymp-remote-projection-vulnerabilities/ 

Common WiFi attacks and how to detect them

https://wtf.horse/2017/09/19/common-wifi-attacks-explained/ 

Exploit development for kernel driver mmap handler vulnerabilities

https://labs.mwrinfosecurity.com/publications/kernel-driver-mmap-handler-exploitation/ 

https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-mmap-exploitation-whitepaper-2017-09-18.pdf 

Malware with mining capabilities has increased significantly recently

https://securityintelligence.com/network-attacks-containing-cryptocurrency-cpu-mining-tools-grow-sixfold/ 

The PYPI Python Package Hack

http://www.bytelion.com/pypi-python-package-hack/ 

Related links:

Package phishing

http://blog.fatezero.org/2017/06/01/package-fishing/ 

The overlooked attack surface: Python package phishing

https://paper.seebug.org/326/ 

Reflections prompted by the Apache Struts CVE-2017-5638 vulnerability

https://alexgaynor.net/2017/sep/18/surviving-struts-cve/ 

Microsoft Edge: memory corruption with partial page loading vulnerability

https://bugs.chromium.org/p/project-zero/issues/detail?id=1309 

Microsoft Edge: out-of-bounds read in COptionsCollectionCacheItem::GetAt 

https://bugs.chromium.org/p/project-zero/issues/detail?id=1301 

focused Web Crawler: ACHE

https://n0where.net/focused-web-crawler-ache/ 

I know I haven't patched yet, and there's a zero-day knocking at my door

https://cybersins.com/zero-day-patch-timely-workaround/ 

An Update of PenTesting Tools that (do not) Support IPv6

https://insinuator.net/2017/09/an-update-of-pentesting-tools-that-do-not-support-ipv6/ 

HVACKer – Bridging the Air-Gap by Manipulating the Environment Temperature

http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_055_Mirsky_AirgapTemperature.pdf 



This article was originally published by 安全客. If you reprint it, please credit the source and include the article URL.
Article URL: http://bobao.360.cn/learning/detail/4449.html