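Highlights: Analysis of Qualcomm crypto engine privilege escalation vulnerabilities; smuggling HTA files in IE and Edge; hunting malicious npm packages; Nmap Cheat Sheet; BoopSuite: a Python-based wireless auditing and security testing suite; applications of artificial intelligence and machine learning in information security [FREE]; Windows exploitation tricks: from arbitrary directory creation to arbitrary file read
Trending in China (the following is partly excerpted from http://www.solidot.org/ ):
Bitcoin is losing its function for everyday transactions
News:
Microsoft releases security patches for 25 critical vulnerabilities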
http://thehackernews.com/2017/08/microsoft-security-patch.html
Technical:
Windows exploitation tricks: from arbitrary directory creation to arbitrary file read
https://googleprojectzero.blogspot.com/2017/08/windows-exploitation-tricks-arbitrary.html
Analysis of Qualcomm crypto engine privilege escalation vulnerabilities
http://www.iceswordlab.com/2017/08/07/qualcomm-crypto-engine-vulnerabilities-exploits/
Smuggling HTA files in IE and Edge
Applications of artificial intelligence and machine learning in information security [FREE]
Hunting malicious npm packages
https://duo.com/blog/hunting-malicious-npm-packages
F-Secure Anti-Virus: Arbitrary Free Vulnerability via TNEF
https://landave.io/2017/08/f-secure-anti-virus-arbitrary-free-vulnerability-via-tnef/
Week of Evading Microsoft ATA – Day 2
http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day2.html
CVE-2017-8620: Windows Search remote code execution vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8620
How to use rsyslog to monitor attacks against infrastructure
https://posts.specterops.io/attack-infrastructure-log-aggregation-and-monitoring-345e4173044e
Nmap Cheat Sheet
https://s3-us-west-2.amazonaws.com/stationx-public-download/nmap_cheet_sheet_0.6.pdf
Creating Real Looking User Accounts in AD Lab
https://www.darkoperator.com/blog/2016/7/30/creating-real-looking-user-accounts-in-ad-lab
uEmu (IDA plugin): a tiny cute emulator plugin for IDA based on unicorn engine
https://github.com/alexhude/uEmu
Adobe Reader DC parser confusion vulnerability
http://blog.talosintelligence.com/2017/08/adobe-reader-dc-parser.html
Hooking COM Classes
http://blogs.microsoft.co.il/pavely/2017/08/07/hooking-com-classes/
Android banking trojan abuses the accessibility service
http://b0n1.blogspot.it/2017/08/android-banking-trojan-misuses.html
Xssing Web With Unicodes
Part 1: http://blog.rakeshmane.com/2016/11/xssing-web-part-1.html
Part 2: http://blog.rakeshmane.com/2017/08/xssing-web-part-2.html
Defeating the VB5 Packer
https://r3mrum.wordpress.com/2017/06/07/defeating-the-vb5-packer/
Multiple vulnerabilities in D-Link 850L
https://blogs.securiteam.com/index.php/archives/3364
Roundup of common security tools for Mac OS X and iOS
https://github.com/ashishb/osx-and-ios-security-awesome
BoopSuite: a Python-based wireless auditing and security testing suite
https://github.com/MisterBianco/BoopSuite