
Daily Offensive and Defensive Security Briefing [Oct.18th]

Published: 2021-10-18

0x00 Vulnerabilities

1. A new side-channel attack affecting AMD CPUs

https://cispa.de/en/research/publications/3507-amd-prefetch-attacks-through-power-and-time

2. (0Day) Foxit Reader launchURL command injection remote code execution vulnerability

https://www.zerodayinitiative.com/advisories/ZDI-17-691/

0x01 Tools

1. binocle: a binary data visualization tool

https://github.com/sharkdp/binocle

2. domain-protect: protection against subdomain takeover

https://github.com/ovotech/domain-protect

3. Smuggler: an HTTP request smuggling / desync testing tool written in Python 3

https://github.com/defparam/smuggler

4. networkit: a high-performance network analysis toolkit

https://github.com/networkit/networkit

0x02 Malware

1. Analysis of the GoLang malware used in the SolarWinds attack

https://www.youtube.com/watch?v=_cL-OwU9pFQ

https://www.youtube.com/watch?v=YRqTrq11ebg

2. Operation MirrorBlast: the Russia-linked hacking group TA505 uses lightweight Office files in attacks on financial institutions

https://blog.morphisec.com/explosive-new-mirrorblast-campaign-targets-financial-companies

3. The Trickbot malware spreads through new delivery channels

https://securityintelligence.com/posts/trickbot-gang-doubles-down-enterprise-infection/

0x03 Techniques

1. Tracing system calls in-process using a chain loader

https://www.humprog.org/~stephen/blog/2021/10/14/#syscall-tracing-in-process

2. House of IO - Underflow: a buffer underflow vulnerability that allows malloc to return an arbitrary memory address

https://maxwelldulin.com/BlogPost?post=6295828480

3. Creating a basic Python reverse shell listener

https://tpetersonkth.github.io/2021/10/16/Creating-a-Basic-Python-Reverse-Shell-Listener.html

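4. Cracking pseudo-random number generators (PRNGs) with machine learning: predicting the sequence of random numbers from previously generated numbers without knowing the seed, Part 1: xorshift128

https://research.nccgroup.com/2021/10/15/cracking-random-number-generators-using-machine-learning-part-1-xorshift128/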

5. Memory forensics: detecting Mimikatz's Skeleton Key attack

https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html

6. Bluetooth wardriving with the nRF52 Bluetooth chip

https://machinehum.medium.com/bluetooth-wardriving-with-the-nrf52-c6beaf7bc5e2

7. HTB: Dynstr

https://0xdf.gitlab.io/2021/10/16/htb-dynstr.html

8. HackTheBox Writeup: Cap

https://infosecwriteups.com/hackthebox-writeup-cap-43c7b6bcb32a

9. Vulnhub Doubletrouble: Walkthrough

https://infosecwriteups.com/vulnhub-doubletrouble-walkthrough-b8958f894ca

10. TheNotebook HackTheBox Walkthrough

https://www.hackingarticles.in/thenotebook-hackthebox-walkthrough/

11. Exploiting Redis through an SSRF attack

https://infosecwriteups.com/exploiting-redis-through-ssrf-attack-be625682461b

12. A beginner's guide to CSRF

https://infosecwriteups.com/csrf-for-begginers-673d00efa770

13. The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks

https://www.amazon.com/Hardware-Hacking-Handbook-Breaking-Embedded-ebook/dp/B077WZBFYL