[Knowledge] April 20 - Daily Security Knowledge Highlights


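Highlights: Eternalromance vulnerability analysis; Ubuntu LightDM guest account privilege escalation; Analyzing the DOUBLEPULSAR kernel DLL injection technique; Stealing sensitive browser data with the W3C Ambient Light Sensor API; How I found tcpdump vulnerabilities with cloud fuzzing; A detailed look at CVE-2016-0636, a type confusion vulnerability in Java; Understanding the Microsoft Office 2016 Protected View sandbox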

Trending topics in China (parts of the following are excerpted from http://www.solidot.org/):


WeChat shuts down its tipping feature

Vigilante botnet infects IoT devices before hackers can hijack them

Homemade patch lets Windows 7 and 8.1 users with new processors install updates

News:


Oracle releases April patches fixing a large number of vulnerabilities, including Apache Struts and Shadow Brokers vulnerabilities

http://securityaffairs.co/wordpress/58142/hacking/oracle-patch-update-for-april.html

Microsoft introduces a new phone-based login mechanism

https://threatpost.com/microsoft-touts-new-phone-based-login-mechanism/125065/

InterContinental Hotels Group announces that payment card systems at more than 1,000 hotels were affected by malware

http://securityaffairs.co/wordpress/58129/data-breach/intercontinental-hotels-group-breach.html

Technical:


A detailed look at CVE-2016-0636, a type confusion vulnerability in Java

http://www.security-explorations.com/materials/SE-2012-01-ORACLE-14.pdf

Java security

http://www.security-explorations.com/materials/se-javaland.pdf

Ubuntu LightDM guest account privilege escalation

https://blogs.securiteam.com/index.php/archives/3134

Using the NSA tools ETERNALBLUE & DOUBLEPULSAR

https://www.exploit-db.com/docs/41896.pdf 

https://www.exploit-db.com/docs/41897.pdf

Stealing sensitive browser data with the W3C Ambient Light Sensor API

https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/

How I found tcpdump vulnerabilities with cloud fuzzing

https://www.softscheck.com/en/identifying-security-vulnerabilities-with-cloud-fuzzing/

A practical exercise with EternalPulsar

https://medium.com/@xNymia/eternalpulsar-a-practical-example-of-a-made-up-name-629737170a9e

Analyzing the DOUBLEPULSAR kernel DLL injection technique

https://countercept.com/our-thinking/analyzing-the-doublepulsar-kernel-dll-injection-technique/

A brief discussion of Linux security hardening

http://mp.weixin.qq.com/s/y8np-sFzik15x09536QA5w

Hyper-V remote code execution and two denial-of-service vulnerabilities

http://blog.pi3.com.pl/?p=564

LabyREnth CTF 2017 launch announcement

http://researchcenter.paloaltonetworks.com/2017/04/unit42-labyrenth-ctf-2017/

A collection of free security-related e-books

https://github.com/Hack-with-Github/Free-Security-eBooks-from-PacktPub

Black Hat US-17 conference briefings

https://www.blackhat.com/us-17/briefings.html

CVE-2017-6919: critical bypass vulnerability disclosed in Drupal 8.x

https://www.drupal.org/SA-CORE-2017-002

NSA: from git clone to pwned

http://www.pwn3d.org/posts/1721872-from-git-clone-to-pwned-owning-windows-with-doublepulsar-and-eternalblue-part-1 

http://www.pwn3d.org/posts/1723940-from-git-clone-to-pwned-owning-windows-with-doublepulsar-and-eternalblue-part-2 

http://www.pwn3d.org/posts/1724109-from-git-clone-to-pwned-owning-windows-with-doublepulsar-and-eternalblue-part-3 


cPanel security team's statement on the vulnerabilities leaked in the Shadow Brokers dump

https://news.cpanel.com/wp-content/uploads/2017/04/shadow-brokers-announcement.txt

Locally stored credentials to look for during penetration testing

https://pentestlab.blog/2017/04/19/stored-credentials/

Oracle releases its April update patches

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

VirtualBox: Windows process COM injection EoP

https://bugs.chromium.org/p/project-zero/issues/detail?id=1103

Understanding the Microsoft Office 2016 Protected View sandbox

http://conference.hitb.org/hitbsecconf2017ams/materials/D2T4%20-%20Koh%20Yong%20Chuan%20-%20Understanding%20the%20Microsoft%20Ofice%202016%20Protected%20View%20Sandbox.pdf

QEMU: user-to-root privesc inside VM via bad translation caching

https://bugs.chromium.org/p/project-zero/issues/detail?id=1122

Writeup from the first-place team at BCTF, the Beijing stop of the 3rd XCTF

http://bobao.360.cn/ctf/detail/192.html

Eternalromance vulnerability analysis

http://blogs.360.cn/360safe/2017/04/19/eternalromance-analyze/

(End)