6月5日每日安全热点 - 用友NC远程命令执行漏洞通告

360安全客 安全资讯 99822 4

漏洞 Vulnerability
CVE-2020-13765 :QEMU 加载已注册ROM时越界访问漏洞
https://seclists.org/oss-sec/2020/q2/164?utm_source=dlvr.it&utm_medium=twitter
CVE-2020-9484:Apache Tomcat 反序列化RCE漏洞的分析和利用
https://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit/
iOS 13.5.1 修复了CVE-2020-9859漏洞,但可能造成内存泄露
https://www.synacktiv.com/posts/exploit/the-fix-for-cve-2020-9859-and-the-lightspeed-vulnerability.html
GNU glibc ARMv7 memcpy() 内存破坏漏洞
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
用友NC远程命令执行漏洞通告
https://mp.weixin.qq.com/s/eF1v4iYE4T_NqmztM3i6TA
CVE-2020-6109:Zoom客户端 4.6.10 处理giphy消息时存在路径遍历漏洞
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1055
CVE-2020-6110:Zoom 客户端 4.6.10共享代码功能存在路径遍历漏洞
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1056
恶意软件 Malware
PEBBLEDASH:LAZARUS APT 中的恶意软件分析
https://malwarenailed.blogspot.com/2020/06/peebledash-lazarus-hiddencobra-rat.html
分析无文件恶意软件自加载技术
https://danusminimus.github.io/Analyzing-Modern-Malware-Techniques-Part-1/
发现与Higaisa APT相关的新LNK攻击
https://blog.malwarebytes.com/threat-analysis/2020/06/higaisa/
安全研究 Security Research
模拟攻击椭圆曲线加密算法的项目
https://github.com/orangecertcc/ecdummy
滥用进程 Tokens 分析 Part 2
https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962
滥用进程 Tokens 分析 Part 1
https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa
如何设计一个基带调试器
https://twitter.com/Synacktiv/status/1268474134939553792
Chrome 沙箱逃逸资料搜集
https://github.com/allpaca/chrome-sbx-db#awesome-chrome-sandbox-escape
在Windows中使用系统调用来执行Shellcode注入
https://www.solomonsklash.io/syscalls-for-shellcode-injection.html
Apache Tomcat + MongoDB Poc和writeup
https://github.com/pyn3rd/Apache-Tomcat-MongoDB-Remote-Code-Execution
安全工具 Security Tools
TinyInst:P0开源的一个轻量级的动态检测库
https://github.com/googleprojectzero/TinyInst
GitMonitor:用于扫描Github,根据规则查找泄漏的敏感信息
https://www.kitploit.com/2020/06/gitmonitor-github-scanning-system-to.html
Docker-OSX:在docker中运行macOS
https://github.com/sickcodes/Docker-OSX
(完)