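Today's digest: ADB.Miner malware is using Android devices with an open ADB interface for mining; JenX, a new IoT device botnet; Operation PZCHAO: the Chinese Iron Tiger APT group makes a strong return; the Flash 0-day attacks against South Korea may have started as early as November 2017; analysis of the Discuz! RCE caused by unauthorized memcached access; AngularJS ngSanitize module bypass PoC released; reversing the internals of safari tcache; CVE-2017-8570: first publicly disclosed in-the-wild sample and vulnerability analysis; reversing the Android/iOS versions of Travel Frog; official paper on the DCShadow attack technique used in mimikatz released; lateral movement with PowerPoint and DCOM; analysis of the IE sandbox drag-and-drop security policy; 2017 China Cybersecurity Report (Rising); and more.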

1、ADB.Miner: malware is using Android devices with an open ADB interface for mining
http://blog.netlab.360.com/early-warning-adb-miner-a-mining-botnet-utilizing-android-adb-is-now-rapidly-spreading/

2、JenX: A new botnet recently started recruiting IoT devices.
https://blog.radware.com/security/2018/02/jenx-los-calvos-de-san-calvicie/

3、Operation PZCHAO: the Chinese Iron Tiger APT group makes a strong return
http://www.4hou.com/technology/10237.html

4、Targeted Attacks Against South Korean Entities May Have Been as Early as November 2017
https://www.flashpoint-intel.com/blog/targeted-attacks-south-korean-entities/

5、Discuz! RCE caused by unauthorized access to memcached
https://xianzhi.aliyun.com/forum/topic/2018

6、AngularJS ngSanitize bypass POC
https://vulnerabledoma.in/ngSanitize1.6.8_bypass.html

7、reverse safari tcache's internals and usage
https://0x00sec.org/t/heap-safari-thread-local-caching/5054

8、CVE-2017-8570: first publicly disclosed in-the-wild sample and vulnerability analysis
http://www.freebuf.com/vuls/161607.html

9、Reverse engineering and modifying the Unity game Travel Frog: iOS part
http://www.alonemonkey.com/2018/02/03/unity-reverse-ios/

10、Reverse engineering and modifying the Unity game Travel Frog: Android part
http://www.alonemonkey.com/2018/02/02/unity-reverse-android/

11、the official paper of the DCShadow attack released in mimikatz
https://www.dcshadow.com/

12、Lateral Movement with PowerPoint and DCOM
https://attactics.org/2018/02/03/lateral-movement-with-powerpoint-and-dcom/

13、Low Privilege Active Directory Enumeration from a non-Domain Joined Host
https://www.attackdebris.com/?p=470

14、Analysis of the IE sandbox drag-and-drop security policy
https://slab.qq.com/news/tech/1278.html

15、StarCraft: Emulating a buffer overflow for fun and profit
http://0xeb.net/wp-content/uploads/2018/02/StarCraft_EUD_Emulator.pdf

16、Summary of vulnerabilities caused by PHP weak typing in real-world practice
https://mp.weixin.qq.com/s?__biz=MzUxOTYzMzU0NQ==&mid=2247483803&idx=1&sn=7bec540b57a173a1d699e93d0fcd0100&chksm=f9f7ee7dce80676b7aad5441e314e9ae9726b8c22b9846a6f72327517193b291373444b195ef&scene=0#rd

17、2017 China Cybersecurity Report (Rising)
http://www.freebuf.com/articles/paper/161600.html

18、New scripts and tricks: XSS with PhantomJS & Heroku subdomain takeover & Amazon S3 buckets theft
http://10degres.net/massive-pwnage/

Tool#APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised
https://github.com/Neo23x0/APTSimulator

Tool#MultiDiff - Binary data diffing for multiple objects or streams of data
https://github.com/juhakivekas/multidiff

Tool#ICMP Exfil allows you to transmit data via valid ICMP packets.
https://github.com/martinoj2009/ICMPExfil

Tool#IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform
https://github.com/RobinDavid/idasec

Tool#OfficeBrute: brute force protected Word documents using a wordlist.
https://github.com/olanderofc/OfficeBrute

Tool#GLOBAL UUID DATABASE - 15452 UUIDs, 56399 comments.
https://uuid.pirate-server.com/
