- News -
1. Don't miss these RSAC 2019 talks
https://www.helpnetsecurity.com/2019/02/25/rsac-2019-keynotes/
2. Apps that illegally collect personal information will be dealt with
https://mp.weixin.qq.com/s/R4-gJFEixKA9Knr59LhOAw
3. Xiaomi system kernel open-sourced
https://github.com/MiCode/Xiaomi_Kernel_OpenSource
- Analysis -
1. Linux watchdogs: reconstructing an intrusion by infectious, stealthy cryptomining malware
https://paper.seebug.org/824/
2. Breaking Docker: in-depth analysis of the runC container escape vulnerability and multiple exploitation methods
https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/
3. 2018 Ransomware White Paper (Government and Enterprise Edition)
https://www.anquanke.com/post/id/171637
Intelligence source: 360网神 CERT
* [ Android ] Binder UAF vulnerability caused by the Android fdget() optimization (CVE-2019-2000):
https://bugs.chromium.org/p/project-zero/issues/detail?id=1719
* [ Android ] VMA binder UAF vulnerability caused by a race condition between Android reclaim and munmap (CVE-2019-1999):
https://bugs.chromium.org/p/project-zero/issues/detail?id=1721
* [ Browser ] Analysis of a type confusion vulnerability in the Chakra JIT (CVE-2019-0539):
https://perception-point.io/resources/research/cve-2019-0539-root-cause-analysis/
* [ Browser ] Details of the Chakra February 2019 security update:
https://github.com/Microsoft/ChakraCore/pull/5936
* [ Defend ] Using SPIRE to automatically deliver TLS certificates for stronger authentication:
https://blog.envoyproxy.io/using-spire-to-automatically-deliver-tls-certificates-to-envoy-for-stronger-authentication-be5606ac9c75
* [ Hardware ] Guide to Intel CPU internal impedance measurement:
http://www.keenlit.com/wp-content/uploads/2018/03/IFDIM-BKM-1.pdf
* [ IoTDevice ] IoT reverse engineering explained using a home router as an example:
http://va.ler.io/myfiles/dva/iot-rev-engineering.pdf
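* [ Malware ] Analysis of a phishing campaign using fake domains around the humanitarian aid movement in Venezuela:
https://securelist.com/dns-manipulation-in-venezuela/89592/
* [ Malware ] A Python script that traps intruders by replacing key commands: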
https://twitter.com/JusticeRage/status/1095655920846204928
* [ MalwareAnalysis ] Brief analysis of a Lazarus downloader:
https://medium.com/emptyregisters/lazarus-downloader-brief-analy-17875f342d96
* [ Popular Software ] Critical vulnerability in the WordPress "Simple Social Button" plugin can lead to complete site takeover:
https://threatpost.com/wordpress-plugin-flaw-website-takeover/141746/
* [ Tools ] SharpShooter v2.0 released; an overview of the features in this update:
https://www.mdsec.co.uk/2019/02/macros-and-more-with-sharpshooter-v2-0/
* [ Web Security ] Bypassing Facebook CSRF protection and going on to take over accounts:
https://ysamm.com/?p=185
* [ WirelessSecurity ] Attacking WPA/WPA2 networks using Bettercap with the PMKID technique:
https://www.evilsocket.net/2019/02/13/Pwning-WiFi-networks-with-bettercap-and-the-PMKID-client-less-attack/

* [ Vulnerability ] Disclosure of a SQL injection vulnerability at Bank Muamalat:
https://medium.com/@liontin/sql-injection-web-bank-muamalat-2beeaf845dc7
* [ Popular Software ] Details disclosed for an unauthenticated blind SSRF vulnerability in Oracle EBS (CVE-2018-3167):
https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145
* [ APT ] Analysis of APT28 Zebrocy Delphi loader/backdoor variants: v6.02 -> v7.00:
https://www.vkremez.com/2018/12/lets-learn-dissecting-apt28-zebrocy.html
* [ Exploit ] WebKit exploitation tutorial:
https://www.auxy.xyz/tutorial/Webkit-Exp-Tutorial/

