【知识】11月24日 - 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:基于宏的攻击:Office的特性可被利用在新的攻击方式中、伪造赛门铁克博客网站被用来传播Proton病毒、勒索软件Scarab如今通过垃圾邮件服务大量传播、Livehelpnow网页聊天部件感染挖矿脚本,波及超过1500个网站、XSLT服务侧注入攻击、Linux内核 XFRM提权漏洞、扫描以太坊中的智能合约漏洞。

 

 

 

 

资讯类:

 

 

 

 

 

 

 

基于宏的攻击:Office的特性可被利用在新的攻击方式中

https://thehackernews.com/2017/11/ms-office-macro-malware.html

 

伪造赛门铁克博客网站被用来传播Proton病毒

http://securityaffairs.co/wordpress/65902/malware/macos-proton-malware.html

 

勒索软件Scarab如今通过垃圾邮件服务大量传播

https://www.bleepingcomputer.com/news/security/scarab-ransomware-pushed-via-massive-spam-campaign/

 

Livehelpnow网页聊天部件感染挖矿脚本,波及超过1500个网站

https://www.bleepingcomputer.com/news/security/cryptojacking-script-found-in-live-help-widget-impacts-around-1-500-sites/

 

 

 

技术类:

 

 

 

 

 

 

 

 

XSLT服务侧注入攻击

https://www.contextis.com/blog/xslt-server-side-injection-attacks

 

Linux内核 XFRM提权漏洞

https://blogs.securiteam.com/index.php/archives/3535

 

Linux中的x64 Egg hunting

https://pentesterslife.blog/2017/11/24/x64-egg-hunting-in-linux-systems/

 

利用Burp Suite挖掘暗网服务的真实IP

http://digitalforensicstips.com/2017/11/using-burp-suites-collaborator-to-find-the-true-ip-address-for-a-onion-hidden-service/

 

LYNC/Skype定位与攻击

https://github.com/nyxgeek/lyncsmash

 

Memjam:对抗常时加密的假依赖攻击

https://arxiv.org/abs/1711.08002

 

扫描以太坊中的智能合约漏洞

https://hackernoon.com/scanning-ethereum-smart-contracts-for-vulnerabilities-b5caefd995df

 

Office保护视图沙盒的内存破坏漏洞

https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-corrupting-memory-in-ms-office-protected-view-v2.pdf

 

 

低成本制作基于OpenWRT的渗透工具

 

https://medium.com/@tomac/a-15-openwrt-based-diy-pen-test-dropbox-26a98a5fa5e5

 

Linux中systemd漏洞导致DoS

http://blog.trendmicro.com/trendlabs-security-intelligence/systemd-vulnerability-leads-to-denial-of-service-on-linux/

 

Secure Socket Funneling:完整的网络工具套件平台

https://github.com/securesocketfunneling/ssf

 

安卓内核UAF漏洞利用艺术

https://speakerd.s3.amazonaws.com/presentations/024461bb048c4a12abe6fa28304ad54f/the_art_of_exploiting_uaf.pdf

 

CVE-2017-11882官方补丁后续

https://0patch.blogspot.hk/2017/11/official-patch-for-cve-2017-11882-meets.html

 

(完)