[Knowledge] November 1 - Daily Security Knowledge Highlights


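Highlights: advisory and brief analysis of a WPDB SQL injection affecting all WordPress versions; iOS 11.1 release notes (which fix the WPA2 KRACK vulnerability); analyzing malware by API calls; a Chrome extension that automatically detects vulnerabilities in the websites you browse; Linux privilege escalation using weak NFS permissions; pestudio 8.69 released; a script for extracting configuration from GlobeImposter ransomware samples; a script for generating Office documents with DDE payloads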


News:

Advisory and brief analysis of a WPDB SQL injection affecting all WordPress versions

http://bobao.360.cn/news/detail/4358.html 

https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html 

Apple fixes the WPA2 KRACK vulnerability in iOS 11.1

https://threatpost.com/apple-patches-krack-vulnerability-in-ios-11-1/128707/ 


Devices from many vendors are still affected by the KRACK attack

http://securityaffairs.co/wordpress/64937/hacking/krack-attack-industrial-products.html 

iOS 11.1 release notes

https://support.apple.com/en-gb/HT208222


Young UK man arrested for selling malware used to launch DDoS attacks against Google and Skype servers

https://www.bleepingcomputer.com/news/security/uk-man-arrested-for-selling-malware-ddos-attacks-on-google-and-skype-servers/ 


North Korean hackers stole submarine secrets from Daewoo Group

https://www.wsj.com/articles/north-korean-hackers-stole-submarine-secrets-from-daewoo-lawmaker-says-1509447847 

Technical:

Analyzing malware by API calls

https://blog.malwarebytes.com/threat-analysis/2017/10/analyzing-malware-by-api-calls/ 

DiscordiaMiner and fights on forums.

https://securelist.com/tales-from-the-blockchain/82971/ 


How modifying just two bytes can bypass 11 antivirus products

https://twitter.com/zerosum0x0/status/925486850399019009 


pestudio 8.69 released

https://winitor.com/binaries.html

Script for extracting configuration from GlobeImposter ransomware samples

https://gist.github.com/Demonslay335/8faaa57891318aa438db4bff10b347df 

Script for generating Office documents with DDE payloads

https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads 

Chrome extension that automatically detects vulnerabilities in the websites you browse

https://chrome.google.com/webstore/detail/vulners-web-scanner/dgdelbjijbkahooafjfnonijppnffhmd 

Hashcat v4.0 – World's Fastest and Most Advanced Password Recovery Utility 

http://www.kitploit.com/2017/10/hashcat-v40-worlds-fastest-and-most.html 

Linux privilege escalation using weak NFS permissions

https://haiderm.com/linux-privilege-escalation-using-weak-nfs-permissions/ 

(End)