今日导读:fobos恶意广告通过RIG EK传播bunitu代理木马、2018年3月安全公告中的Android蓝牙漏洞分析、IBM Notes存在客户端代码执行漏洞和权限提升漏洞、Siri是如何泄露你的私人iPhone信息的,以及如何阻止她、深入研究迄今为止最严重的Kubernetes漏洞及其poc、Ledger安全漏洞公开、滥用Android应用内结算功能、滥用GSM:使用AT命令的隐蔽通道、Q4 2017全球DDoS报告、blackhat asia 2018 ppt陆续提供下载等。

【病毒区】
1、Fobos Malvertising Campaign Delivers Bunitu Proxy Trojan via RIG EK
https://malwarebreakdown.com/2018/03/21/fobos-malvertising-campaign-delivers-bunitu-proxy-trojan-via-rig-ek/

【漏洞分析区】
2、Android Bluetooth Vulnerabilities in the March 2018 Security Bulletin
https://blog.quarkslab.com/android-bluetooth-vulnerabilities-in-the-march-2018-security-bulletin.html

3、Client side code execution in IBM Notes(CVE-2018-1435)
https://improsec.com/blog/ibm-advisory-7

4、Privilege escalation in IBM Notes Diagnostics(CVE-2018-1437)
https://improsec.com/blog/ibm-advisory-8

5、Visual Studio Code silently fixed a remote code execution vulnerability
https://medium.com/0xcc/visual-studio-code-silently-fixed-a-remote-code-execution-vulnerability-8189e85b486b

6、How Siri leaks your private iPhone messages, and how to stop her
https://nakedsecurity.sophos.com/2018/03/22/how-siri-leaks-your-private-iphone-messages-and-how-to-stop-her/

7、Deep dive on the most severe Kubernetes vulnerabilities to date – CVE-2017-1002101 and CVE-2017-1002102
https://www.twistlock.com/2018/03/21/deep-dive-severe-kubernetes-vulnerability-date-cve-2017-1002101/

工具#POC of CVE-2017-1002101 with sample "exploit"/escape
https://github.com/bgeesaman/subpath-exploit

9、Breaking the Ledger Security Model
https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/

工具#Proof of concept for Ledger MCU exploit
https://github.com/saleemrashid/ledger-mcu-backdoor

11、国产电纸书Bambook破解笔记
http://www.droidsec.cn/%E5%9B%BD%E4%BA%A7%E7%94%B5%E7%BA%B8%E4%B9%A6bambook%E7%A0%B4%E8%A7%A3%E7%AC%94%E8%AE%B0/

【技术分享区】
12、More on ASM.JS Payloads and Exploitation
https://rh0dev.github.io/blog/2018/more-on-asm-dot-js-payloads-and-exploitation/

13、Abusing Android In-app Billing feature thanks to a misunderstood integration
https://www.securingapps.com/blog/AbusingAndroidInAppBilling_INS18.pdf

14、Phreaking is alive! Abusing GSM: Covert channels using AT commands
https://www.slideshare.net/rootedcon/alfonso-muoz-jorge-cuadrado-phreaking-is-alive-abusing-gsm-covert-channels-using-at-commands

15、KSMA: Breaking Android kernel isolation and Rooting with ARM MMU features
https://www.blackhat.com/docs/asia-18/asia-18-WANG-KSMA-Breaking-Android-kernel-isolation-and-Rooting-with-ARM-MMU-features.pdf

16、Glibc Malloc For Exploiters-leak It, Write It, Become A Wizard
https://yannayl.github.io/glibc_malloc_for_exploiters/

17、Basic overview of Persistence
https://rastamouse.me/2018/03/a-view-of-persistence/

18、An accessible overview of Meltdown and Spectre, Part 2
https://blog.trailofbits.com/2018/03/22/an-accessible-overview-of-meltdown-and-spectre-part-2/

19、BSS段的溢出攻击
https://kevien.github.io/2018/03/22/BSS%E6%AE%B5%E7%9A%84%E6%BA%A2%E5%87%BA%E6%94%BB%E5%87%BB/

20、How long does it take for a MongoDB to be compromised
https://mackeepersecurity.com/post/how-long-does-it-take-for-a-mongodb-to-be-compromised

21、Active Directory Security Track, Part 1
https://insinuator.net/2018/03/tr18-active-directory-security-track-part-1/

22、Awesome for wepy-微信小程序组件化开发框架wepy开发资源汇总
https://github.com/aben1188/awesome-wepy

23、开源软件源代码安全缺陷分析报告(第二期)
http://www.freebuf.com/articles/paper/165184.html

24、Q4 2017 Global DDoS Threat Landscape Report
https://www.imperva.com/blog/2018/03/q4-2017-global-ddos-threat-landscape-report/

25、RootedCON 2018 slides
https://www.slideshare.net/rootedcon?utm_campaign=profiletracking&utm_medium=sssite&utm_source=ssslideview

26、blackhat asia 2018 slides(陆续公开下载)
https://www.blackhat.com/asia-18/briefings.html

【工具区】
工具#CVE-2018-7273 - PoC
https://remoteawesomethoughts.blogspot.hk/2018/03/cve-2018-7273-poc.html

工具#Angel是一个基于参数服务器(Parameter Server)理念开发的高性能分布式机器学习平台,它基于腾讯内部的海量数据进行了反复的调优,并具有广泛的适用性和稳定性,模型维度越高,优势越明显
https://github.com/Tencent/angel

工具#aggressor_scripts:A collection of useful scripts for Cobalt Strike
https://github.com/001SPARTaN/aggressor_scripts

工具#thumbsdb:Forensic library-parser and reader for Microsoft Thumbs.db file
https://github.com/zadlg/thumbsdb

点击收藏 | 0 关注 | 1
  • 动动手指,沙发就是你的了!
登录 后跟帖