[Knowledge] September 15 - Daily Security Knowledge Highlights


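Highlights: building a botnet with D-Link routers; Luckystrike: a malicious Office document generator; beware of Bashware: a new method for malware to bypass antivirus software; remote code execution vulnerabilities in the Ansible Vault and Tablib YAML parsers; Spaghetti: a web vulnerability scanner; Ichidan: a Shodan-like search engine for the dark web; CVE-2017-0213: Windows COM elevation of privilege vulnerability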

News:

Malware authors plant JS code in web pages to mine cryptocurrency

https://www.bleepingcomputer.com/news/security/malvertising-campaign-mines-cryptocurrency-right-in-your-browser/ 


Developers unwittingly embedded malicious code in their Android apps via an SDK with security problems

https://www.bleepingcomputer.com/news/security/developers-unwittingly-embedded-malware-in-their-android-apps-via-shady-sdk/ 


Technical:

Building a botnet with D-Link routers

https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin 

Luckystrike: a malicious Office document generator

https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator 

Beware of Bashware: a new method for malware to bypass antivirus software

https://research.checkpoint.com/beware-bashware-new-method-malware-bypass-security-solutions/ 

Remote code execution vulnerabilities in the Ansible Vault and Tablib YAML parsers

http://blog.talosintelligence.com/2017/09/vulnerability-spotlight-yaml-remote.html 

Equifax: rethinking Social Security numbers as unique identifiers (Part I)

https://securingtomorrow.mcafee.com/business/equifax-rethinking-social-security-numbers-identifiers 

From SQL injection to administrator privileges

https://www.notsosecure.com/anatomy-of-a-hack-sqli-to-enterprise-admin/ 

Spaghetti: a web vulnerability scanner

https://github.com/m4ll0k/Spaghetti 

Analysis of a PowerPoint file that uses CVE-2017-0199 and a UAC bypass

https://blog.fortinet.com/2017/09/01/powerpoint-file-armed-with-cve-2017-0199-and-uac-bypass 

Nicky Bloor – BaRMIe – Poking Java's Back Door – 44CON 2017 

https://www.slideshare.net/NickBloor3/nicky-bloor-barmie-poking-javas-back-door-44con-2017 

Ichidan: a Shodan-like search engine for the dark web

https://www.bleepingcomputer.com/news/security/ichidan-is-a-shodan-like-search-engine-for-the-dark-web/ 

Windbg-Cheat-Sheet

https://github.com/bulentrahimkazanci/Windbg-Cheat-Sheet 

PHP arbitrary code execution and its defense, from the perspective of PHP source code and extension development

https://blog.zsxsoft.com/post/30 

Digital Whisper

https://www.exploit-db.com/docs/42712.pdf 

Analysis of advanced Flash vulnerabilities in YouTube

https://opnsec.com/2017/09/advanced-flash-vulnerabilities-in-youtube-part-4/ 

free open-source macOS firewall

https://github.com/objective-see/LuLu 

CVE-2017-0213: Windows COM elevation of privilege vulnerability

https://github.com/WindowsExploits/Exploits/tree/master/CVE-2017-0213/Binaries 

REST API Security Testing with Acunetix

https://www.acunetix.com/blog/articles/rest-api-security-testing-acunetix/ 

A deep dive into MarkLogic exploitation via the Argus PDF converter

http://blog.talosintelligence.com/2017/09/deep-dive-marklogic-exploitation.html

How I Snatched 153,037 ETH After A Bad Tinder Date

https://medium.com/@rtaylor30/how-i-snatched-your-153-037-eth-after-a-bad-tinder-date-d1d84422a50b 

SuperBeam: a cross-platform file transfer app using Wi-Fi and NFC

https://thinktanksec.github.io/ 

Exploit iOS 9.x Userland with LLDB JIT 

https://www.slideshare.net/Proteas_Wang/exploit-ios-9x-userland-with-lldb-jit 

New Variants of Agent.BTZ/ComRAT Found: The Threat That Hit The Pentagon In 2008 Still Evolving; Part 2/2

http://www.intezer.com/new-variants-of-agent-btz-comrat-found-part-2/ 

Theater Management Script – SQL Injection

https://www.exploit-db.com/exploits/42716 

(End)