热点概要:国外黑客爆出Avast杀毒软件的内核提权漏洞POC(作者说会持续更新)、metasploit加入IDA Pro的debug server远程代码执行漏洞模块、Berkeley DB无需认证通过cwd读取配置文件、不要在web服务上启用Coredumps功能!(可能导致getshell)、Adobe Flash Player SecureSocket Use-After-Free远程代码执行漏洞POC、Schadsoftware:独立于操作系统的恶意软件、云基础架构之固件安全合规
资讯类:
微软再次为XP系统推送补丁
技术类:
Schadsoftware独立于操作系统的恶意软件
metasploit加入IDA Pro的debug server远程代码执行漏洞模块
https://github.com/rapid7/metasploit-framework/pull/8474
国外黑客爆出Avast杀毒软件的内核提权漏洞POC(作者说会持续更新)
https://github.com/bee13oy/AV_Kernel_Vulns
Adobe Flash Player SecureSocket Use-After-Free远程代码执行漏洞POC
https://github.com/bo13oy/flash/tree/master/poc1
Berkeley DB无需认证通过cwd读取配置文件
http://seclists.org/oss-sec/2017/q2/475
Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
Smashing Security #029: Exploits to get your English teeth into
https://www.youtube.com/watch?v=qHXAEmNGcoQ
Bugs You'll Probably Only Have in RustAlexis Beingessner
https://gankro.github.io/blah/only-in-rust/
APIs are 2FA Backdoors
http://blog.ioactive.com/2017/06/apis-are-2fa-backdoors.html
扫描域权限和特权帐户
https://adsecurity.org/?p=3658
A WarCon 2017 presentation: Cisco ASA – Exploiting the IKEv1 heap overflow – CVE-2016-1287
不要在web服务上启用Coredumps功能!(可能导致getshell)
https://blog.hboeck.de/archives/887-Dont-leave-Coredumps-on-Web-Servers.html
在线ssh加密检测工具
The challenge of verification and testing of machine learning
http://www.cleverhans.io/security/privacy/ml/2017/06/14/verification.html
云基础架构之固件安全合规
https://hardenedlinux.github.io/system-security/2017/06/15/firmware_compliance.html?from=timeline