
Daily Security News Digest (06-05)

source link: http://www.10tiao.com/html/645/201806/2651954781/1.html

Xuanwu Lab Security Daily News


  • [ Browser ]  Introduction to the improvements in Safari Intelligent Tracking Prevention 2.0 on macOS Mojave and iOS 12:

    https://webkit.org/blog/8311/intelligent-tracking-prevention-2-0/


  • [ Crypto ]  Intel ME security keys genealogy, from Thomas Dullien:

     https://github.com/ptresearch/IntelME-Crypto/blob/master/Intel%20ME%20Security%20keys%20Genealogy%2C%20Obfuscation%20and%20other%20Magic.pdf


  • [ Crypto ]  Storing encrypted credentials in a Git repository using git-crypt:

     https://techblog.bozho.net/storing-encrypted-credentials-in-git/


  • [ Data Breach ]  Security researchers found that the Honda Connect App leaked the personal information of over 50,000 people:

    https://www.hackread.com/personal-data-of-over-50000-honda-connect-app-leaked/


  • [ Detect ]  Anomaly detection and threat hunting with the Anomalize algorithm:

    https://holisticinfosec.blogspot.com/2018/06/toolsmith-133-anomaly-detection-threat.html


  • [ Forensics ]  Linux memory forensics: extending Rekall's userland investigation:

     https://imf-conference.org/imf2018/downloads/05_Johannes-Stadlinger_Linux-Memory-Forensics.pdf


  • [ Forensics ]  Memory forensics with Rekall and WinPmem:

    https://holisticinfosec.org/toolsmith/pdf/may2015.pdf


  • [ Industry News ]  Microsoft acquires the code hosting platform GitHub for US$7.5 billion:

     https://blogs.microsoft.com/blog/2018/06/04/microsoft-github-empowering-developers/

     http://tech.qq.com/a/20180604/039204.htm


  • [ iOS ]  DNS resolution failures caused by Cloudflare mistakenly treating normal DNS requests to 1.1.1.1 as a DDoS attack:

    https://nakedsecurity.sophos.com/2018/06/04/cloudflare-mistakes-own-1-1-1-1-dns-for-ddos-attack/


  • [ Malware ]  The MySQL service on the C2 server of the IoT botnet Owari used a weak password, leading to a database leak:

    https://blog.newskysecurity.com/hacker-fail-iot-botnet-command-and-control-server-accessible-via-default-credentials-2ea7cab36f72


  • [ Malware ]  The malicious sqliter module attempted to hijack environment variables and has been removed from npm (CVE-2017-16051):

     https://twitter.com/CVEnew/status/1003720810861875200


  • [ MalwareAnalysis ]  Analysis of the Ostap malware:

     https://www.cert.pl/en/news/single/ostap-malware-analysis-backswap-dropper/


  • [ MalwareAnalysis ]  RING +3 MALWARES: Few Tricks:

    http://www.blackstormsecurity.com/docs/BSIDES_2018_RELEASE.pdf


  • [ Others ]  Analysis of security issues caused by weak cookie secret configuration in Express:

    https://file.digitalinterruption.com/Are_Your_Cookies_Telling_Your_Fortune.pdf


  • [ Pentest ]  Querying SPNs to gather Active Directory information:

     https://pentestlab.blog/2018/06/04/spn-discovery/


  • [ Popular Software ]  Multiple remote vulnerabilities disclosed in the Waze navigation app:

     http://blog.appscan.io/index.php/2018/05/25/waze-remote-vulnerability-technical-report/


  • [ Popular Software ]  The issue-tracking software Jira has XSS and SSRF vulnerabilities; SSRF access to AWS Metadata can lead to sensitive data disclosure:

    https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/jira-bug-exposes-organizations-aws-server-keys


  • [ Popular Software ]  Zip-n-Go 4.9 buffer overflow exploit:

    https://www.exploit-db.com/exploits/44828/


  • [ Programming ]  A journey in writing a Hex-Rays plugin: VMX Intrinsics:

    https://dougallj.wordpress.com/2018/06/04/writing-a-hex-rays-plugin-vmx-intrinsics/


  • [ Programming ]  Reprogramming CPU microcode with an Arduino:

     https://www.youtube.com/watch?v=JUVt_KYAp-I


  • [ Tools ]  snake - a malware sample storage tool:

    https://github.com/countercept/snake


  • [ Tools ]  CobaltStrike Malleable C2 Profile configuration:

     https://blog.cobaltstrike.com/2018/06/04/broken-promises-and-malleable-c2-profiles/


  • [ Tools ]  qradar2thehive - a Python script linking QRadar SIEM and TheHive project:

    https://github.com/pierrebarlet/qradar2thehive


  • [ Tools ]  BlackArch Linux v2018.06.01 released:

     https://blackarch.org/downloads.html


  • [ Tools ]  aws_public_ips - a tool for fetching all public IP addresses of servers associated with a user's AWS account:

    https://github.com/arkadiyt/aws_public_ips


  • [ Tools ]  ios-resources - a collection of iOS hacking resources:

    https://github.com/Siguza/ios-resources


  • [ Tools ]  Introduction to the Typhoon managed execution toolkit:

     https://www.slideshare.net/dimas050/typhoon-managed-execution-toolkit 

    GitHub:

     https://github.com/dsnezhkov/typhoon


  • [ Tools ]  cookie-monster - a tool for automated testing and re-signing of Express.js cookie secrets:

    https://github.com/DigitalInterruption/cookie-monster


  • [ Windows ]  Matt Graeber's thoughts on the practicality of Windows Device Guard and application whitelisting:

    http://www.exploit-monday.com/2018/06/device-guard-and-application.html


  • [ Windows ]  Digging into Authenticode certificates:

     https://isc.sans.edu/diary/23731


  • [ WirelessSecurity ]  Bluetooth reverse-engineering tutorial: reversing the Bluetooth communication of the Zhiyun Crane/Evo rage smart gimbal:

    https://www.youtube.com/watch?v=5FSW2IespJM


  • [ macOS ]  A guide to the process of finding vulnerabilities in macOS kernel extensions:

    https://www.anquanke.com/post/id/146857


  • [ SCADA ]  ICS vulnerability discovery methods: firmware reverse engineering:

    https://paper.seebug.org/613/


  • [ Popular Software ]  Analysis of cryptomining via exploitation of the Hadoop Yarn REST API unauthorized-access vulnerability:

    https://paper.seebug.org/611/


* To search past digests, use Google with the site keyword to restrict the search, e.g.: site:xuanwulab.github.io android fuzz

* View past digests by day: https://xuanwulab.github.io/cn/secnews/2018/06/05/index.html

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)


