[Knowledge] April 17 - Daily Security Knowledge Highlights


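Highlights summary: ★★★ hitbsecconf2017 conference slides available for download; attacking hypervisors through firmware and hardware; Chrome, Firefox, Edge local file disclosure; phishing with Unicode domains; remote attack on the Bosch Drivelog Connector OBD-II dongle; Web Services security testing; routers: Cisco Linksys WRT54GL generic Broadcom UPnP format string vulnerability; CVE-2017-0199 PoC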

Trending topics in China (some of the following is excerpted from http://www.solidot.org/):


Router remote access vulnerability finally made public

Crowdsourced group brute-forces Bitcoin wallets

Shadow Brokers leak the NSA's Windows and SWIFT exploit code

News:


Callisto APT group uses Hacking Team surveillance tools to target government entities

http://securityaffairs.co/wordpress/58051/hacking/callisto-apt-hacking-team-tools.html

More than 70 smart-device vendors affected by the Amnesia IoT botnet

http://bestsecuritysearch.com/amnesia-iot-botnet-infects-devices-worldwide/

Microsoft's response to the exploits released by the Shadow Brokers

https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/

Technical:


★★★ hitbsecconf2017 conference slides available for download

http://conference.hitb.org/hitbsecconf2017ams/materials/

Attacking hypervisors through firmware and hardware

https://www.mcafee.com/uk/resources/reports/rp-attacking-hypervisors-firmware-hardware.pdf

Impact of NSA malware on Windows users

https://theintercept.com/2017/04/14/leaked-nsa-malware-threatens-windows-users-around-the-world/

iOS KPP/watchtower bypass

https://xerub.github.io/ios/kpp/2017/04/13/tick-tock.html

PandwaRF Demo: disarming an alarm using brute force

https://pandwarf.com/news/disarming-an-alarm-using-brute-force/

Analysis of the Magento arbitrary file upload vulnerability

http://www.defensecode.com/advisories/DC-2017-04-003_Magento_Arbitrary_File_Upload.pdf

Chrome, Firefox, Edge local file disclosure

http://leucosite.com/Chrome-Firefox-Edge-Local-File-Disclosure/

Phishing with Unicode domains

https://www.xudongz.com/blog/2017/idn-phishing/

SSH security in Go

https://bridge.grumpy-troll.org/2017/04/golang-ssh-security/

VMware vCenter unauthenticated RCE

http://blog.gdssecurity.com/labs/2017/4/13/vmware-vcenter-unauthenticated-rce-using-cve-2017-5638-apach.html

Remote attack on the Bosch Drivelog Connector OBD-II dongle

https://argus-sec.com/remote-attack-bosch-drivelog-connector-dongle/

Several cases when an injection with a controllable table name meets Describe

http://www.yulegeyu.com/2017/04/16/%E5%BD%93%E8%A1%A8%E5%90%8D%E5%8F%AF%E6%8E%A7%E7%9A%84%E6%B3%A8%E5%85%A5%E9%81%87%E5%88%B0%E4%BA%86Describe%E6%97%B6%E7%9A%84%E5%87%A0%E7%A7%8D%E6%83%85%E5%86%B5%E3%80%82/

Rocket.Chat XSS caused by Markdown URL handling in messages

https://www.theblazehen.com/posts/rocketchat-xss-with-markdown-url-handling-in-messages/

Incident response collection: a list of tools and resources for security incident response

https://github.com/meirwah/awesome-incident-response/blob/master/README_ch.md

OBD-II dongle attack: controlling a vehicle over Bluetooth

http://hackaday.com/2017/04/14/obd-ii-dongle-attack-stopping-a-moving-car-via-bluetooth/

On file upload bypass of Safe DOG

http://blog.cora-lab.org/193.html

CVE-2017-0199 Practical exploitation! (PoC)

http://rewtin.blogspot.com/2017/04/cve-2017-0199-practical-exploitation-poc.html

WordPress plugin security testing cheat sheet

https://github.com/CaledoniaProject/wordpress_plugin_security_testing_cheat_sheet

VirtualBox: a cooperating VM can escape from a shared folder

https://bugs.chromium.org/p/project-zero/issues/detail?id=1037

Obtaining Linux system passwords with MimiPenguin

http://www.hackingarticles.in/dump-cleartext-password-linux-pc-using-mimipenguin/

Linux Kernel 4.8.0 udev 232 privilege escalation

https://packetstormsecurity.com/files/142152/linuxkernel480udev-escalate.txt

A different take on keylogging

http://blogs.rsa.com/different-take-on-keylogging/

Web Services security testing

https://www.exploit-db.com/docs/41888.pdf

Routers: Cisco Linksys WRT54GL generic Broadcom UPnP format string vulnerability

https://community.rapid7.com/docs/DOC-2150 

http://defensecode.com/whitepapers/From_Zero_To_ZeroDay_Network_Devices_Exploitation.txt

(End)