热点概要:Google 呼吁警惕政府支持的黑客攻击、打印机安全详解、CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP、CVE-2017-3085:在远程沙箱中运行,Adobe Flash Windows用户凭据泄漏漏洞、Active Directory访问控制列表、浏览器安全白皮书、常见的WiFi攻击及检测方法、The PYPI Python Package Hack、Microsoft Edge: 内存损坏与部分页面加载漏洞
国内热词(以下内容部分来自:http://www.solidot.org/ )
Google 呼吁警惕政府支持的黑客攻击
Equifax 今年三月就遭到过一次入侵
资讯类:
CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP
http://www.openwall.com/lists/oss-security/2017/09/19/1
技术类:
新的Android木马针对60多家银行和社交应用程序
https://clientsidedetection.com/new_android_trojan_targeting_over_60_banks_and_social_apps.html
打印机安全详解
https://0x00sec.org/t/an-introduction-to-printer-exploitation-1/3565/1
CVE-2017-3085:在远程沙箱中运行,Adobe Flash Windows用户凭据泄漏漏洞
https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/
smbmap:用于SMB枚举的工具
https://github.com/ShawnDEvans/smbmap
远程系统漏洞分析:WebSploit Toolkit
https://n0where.net/remote-system-vulnerability-analysis/
探索从TypeScript到WebAssembly的编译
https://medium.com/web-on-the-edge/exploring-compilation-from-typescript-to-webassembly-f846d6befc12
Active Directory访问控制列表 – 攻击和防御
通过在Windows中滥用bad assumption来检测调试器
http://www.triplefault.io/2017/08/detecting-debuggers-by-abusing-bad.html
蓝牙漏洞影响所有主要操作系统
https://hackaday.com/2017/09/14/bluetooth-vulnerability-affects-all-major-os/
浏览器安全白皮书
https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf
https://cure53.de/browser-security-whitepaper.pdf
如何优化ElasticSearch的ssdeep比较
http://www.intezer.com/intezer-community-tip-ssdeep-comparisons-with-elasticsearch/
Epson漏洞: EasyMP投影机接管
https://rhinosecuritylabs.com/research/epson-easymp-remote-projection-vulnerabilities/
常见的WiFi攻击及检测方法
https://wtf.horse/2017/09/19/common-wifi-attacks-explained/
内核驱动程序mmap处理程序漏洞利用代码开发
https://labs.mwrinfosecurity.com/publications/kernel-driver-mmap-handler-exploitation/
https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-mmap-exploitation-whitepaper-2017-09-18.pdf
具有采矿功能的恶意软件近期显著增加
The PYPI Python Package Hack
http://www.bytelion.com/pypi-python-package-hack/
传送门:
Package 钓鱼
http://blog.fatezero.org/2017/06/01/package-fishing/
被忽视的攻击面:Python package 钓鱼
Apache Struts CVE-2017-5638漏洞带来的思考
https://alexgaynor.net/2017/sep/18/surviving-struts-cve/
Microsoft Edge: 内存损坏与部分页面加载漏洞
https://bugs.chromium.org/p/project-zero/issues/detail?id=1309
Microsoft Edge: out-of-bounds read in COptionsCollectionCacheItem::GetAt
https://bugs.chromium.org/p/project-zero/issues/detail?id=1301
focused Web Crawler: ACHE
https://n0where.net/focused-web-crawler-ache/
I know I haven't patched yet, and there's a zero-day knocking at my door
https://cybersins.com/zero-day-patch-timely-workaround/
An Update of PenTesting Tools that (do not) Support IPv6
https://insinuator.net/2017/09/an-update-of-pentesting-tools-that-do-not-support-ipv6/
HVACKer – Bridging the Air-Gap by Manipulating the Environment Temperature
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_055_Mirsky_AirgapTemperature.pdf