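News
Technique discovered that can mitigate Memcached DDoS attacks
CIGslip attack bypasses Windows Code Integrity Guard (CIG)
Leaked files show how the NSA tracks other countries' hackers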
https://theintercept.com/2018/03/06/leaked-files-show-how-nsa-tracks-other-countries-hackers/
Smart cities and the threat within – ensuring devices are IPv6 addressable
https://www.beyondtrust.com/blog/smart-cities-threat-within-ensuring-devices-ipv6-addressable/
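Intel SGX can be used to hide and execute malware
New IoT security rules: stop using default passwords and allow software updates
Debian GNU/Linux now available for WSL in the Windows Store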
https://www.bleepingcomputer.com/news/linux/debian-gnu-linux-now-available-for-wsl-in-the-windows-store/
Technical
Headless Chrome and API
https://thief.one/2018/03/06/1/
Three CVEs in a row in fineract v1.1.0
https://mp.weixin.qq.com/s/g3qha-O4gdMZQrPmXEcy_A
Minxin (敏信) audit series: the dorado5 development framework
https://mp.weixin.qq.com/s/y1TOfw063Zh6DHhgLQPpzQ
Decrypting the Lua scripts and resource files of the 血族 mobile game
https://blog.sectown.cn/archives/320/
On the security issues of Selenium Server
http://www.polaris-lab.com/index.php/archives/454/
Automating malware tracing with Pin and Cuckoo
http://blog.fernandodominguez.me/automating-malware-tracing-with-pin-and-cuckoo/
The dangerous target="_blank" and "opener"
https://paper.seebug.org/538/
VSCode extension phishing
https://paper.seebug.org/539/
CVE-2017-15944: constructing an exploit for the Palo Alto firewall remote code execution
https://paper.seebug.org/540/
Reconstructing C++ classes in the iOS kernelcache using IDA Pro
https://bazad.github.io/2018/03/ida-kernelcache-class-reconstruction/
ManageEngine Applications Manager remote code execution and SQLi
https://pentest.blog/advisory-manageengine-applications-manager-remote-code-execution-sqli-and/
XML External Entity Injection in Jive-n (CVE-2018-5758)
https://rhinosecuritylabs.com/research/xml-external-entity-injection-xxe-cve-2018-5758/
Payload Generation using SharpShooter
https://www.mdsec.co.uk/2018/03/payload-generation-using-sharpshooter/
Stored XSS and SSRF in Google using the Dataset Publishing Language
https://s1gnalcha0s.github.io/dspl/2018/03/07/Stored-XSS-and-SSRF-Google.html
Metasploit – Some Assembly Required
https://www.ringzerolabs.com/2018/03/metasploit-some-assembly-required.html
Unearthing Z͌̈̾a͊̈l͊̿g̏̉͆o̾̚̚S̝̬c̬r̯̼͇i̼͖̜̭͔p̘̘̹͖t̠͖̟̹͓͇ with visual fuzzing
http://blog.portswigger.net/2018/03/unearthing-zalgoscript-with-visual.html
Multiple vulnerabilities in PHP could allow for arbitrary code execution
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-023/
Android application fuzzing framework with fuzzers and a crash monitor
https://github.com/ajinabraham/Droid-Application-Fuzz-Framework
KERBEROS DECRYPTION
https://lp.cyberark.com/rs/316-CZP-275/images/wp_Labs_Research_Kerberos_Decryption.pdf
Encryption 101: How to break encryption
https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/
PostgreSQL remote code execution vulnerability analysis and exploitation [CVE-2018-1058]
https://www.secpulse.com/archives/69153.html
VB2017 paper: The router of all evil
https://www.virusbulletin.com/blog/2018/03/vb2017-paper-router-all-evil/
Any.Run – an interactive malware analysis tool – now open to the public