【知识】9月21日 - 每日安全知识热点

热点概要：Evidence Aurora Operation仍然活跃：通过CCleaner的供应链发起攻击、Burp Suite被曝存在远程代码执行漏洞、BSidesAugusta 2017会议视频、滥用延迟加载DLL用于远程代码注入、通过LDAP注入绕过Joomla!的登录认证、CCleaner的CC服务器引起关注、理解和实践java反序列化漏洞、SSH 蜜罐：通过蜜罐了解你的攻击者

国内热词（以下内容部分来自：http://www.solidot.org/ ）

苹果: Swift 4.0 发布

通缉犯上传视频到 Instagram 后被捕

中国工程院院士入选互联网名人堂

资讯类：

伊朗黑客组织APT33被指攻击多国航空国防能源组织机构

http://thehackernews.com/2017/09/apt33-iranian-hackers.html 

Burp Suite被曝存在远程代码执行漏洞

http://bobao.360.cn/news/detail/4334.html 

https://www.vulnerability-lab.com/get_content.php?id=2098 

技术类：

Evidence Aurora Operation仍然活跃：通过CCleaner的供应链发起攻击

http://www.intezer.com/evidence-aurora-operation-still-active-supply-chain-attack-through-ccleaner/ 

BSidesAugusta 2017会议视频

https://www.youtube.com/playlist?list=PLEJJRQNh3v_PQEsZ8R7H6xKe9Bkg_KnVC 

滥用延迟加载DLL用于远程代码注入

http://hatriot.github.io/blog/2017/09/19/abusing-delay-load-dll/ 

通过LDAP注入绕过Joomla!的登录认证

https://blog.ripstech.com/2017/joomla-takeover-in-20-seconds-with-ldap-injection-cve-2017-14596/ 

CCleaner的CC服务器引起关注

http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html 

CVE-2017-0785 Android information leak (Blueborne) PoC

https://github.com/ojasookert/CVE-2017-0785 

Mac OSX 编译 LeanSDR

https://cn0xroot.com/2017/09/20/build-leansdr-for-mac-osx/ 

理解和实践java反序列化漏洞

https://diablohorn.com/2017/09/09/understanding-practicing-java-deserialization-exploits/ 

SSH 蜜罐：了解您的攻击者

https://www.robertputt.co.uk/learn-from-your-attackers-ssh-honeypot.html 

DenyAll WAF远程代码执行漏洞

https://pentest.blog/advisory-denyall-web-application-firewall-unauthenticated-remote-code-execution/ 

aIR-Jumper:Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR)

https://arxiv.org/ftp/arxiv/papers/1709/1709.05742.pdf

打破Windows环境的限制

https://weirdgirlweb.wordpress.com/ 

SharpHound：BloodHound Ingestor的进化

https://blog.cptjesus.com/posts/newbloodhoundingestor