

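Highlights: initial impressions of Google's newly announced OSS-Fuzz; poisoning Imgur using PowerShell and PNG; Shadow Stack to fight buffer overflow vulnerabilities; Apache Tomcat multi-version remote code execution CVE-2016-8735 (with PoC)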


Trending topics in China:


Oracle may have ended Solaris development

USB Killer enters mass production, priced at 50 US dollars

Google's public NTP servers will add the leap second by "slowing down"

Fitbit acquires Pebble for 40 million US dollars

Saudi Arabia hit by a devastating hacker attack

Apple will use drones to improve the quality of Apple Maps

News:


Buffer overflow vulnerability can bypass Activation Lock on iOS 10.1.1

http://arstechnica.com/apple/2016/12/buffer-overflow-exploit-can-bypass-activation-lock-on-ipads-running-ios-10-1-1/

Distributed guessing of VISA credit card numbers takes only 6 seconds

http://securityaffairs.co/wordpress/54036/hacking/distributed-guessing-attack.html

Technical:


Initial impressions of Google's newly announced OSS-Fuzz

https://alexgaynor.net/2016/dec/03/oss-fuzz-initial-impressions/

RedStar OS 3.0: remote command injection vulnerability

https://www.myhackerhouse.com/redstar-os-3-0-remote-arbitrary-command-injection/

Poisoning Imgur using PowerShell and PNG

http://colin.keigher.ca/2016/12/going-viral-on-imgur-with-powershell.html

BitUnmap: Attacking Android Ashmem

https://googleprojectzero.blogspot.jp/2016/12/bitunmap-attacking-android-ashmem.html

Hands-on with CSRF: real bug-hunting examples

https://www.ohlinge.cn/web/web_csrf.html

PowerForensics: a PowerShell platform for live hard disk forensic analysis

https://github.com/Invoke-IR/PowerForensics

Android: code loading bypass vulnerability in system_server

https://bugs.chromium.org/p/project-zero/issues/detail?id=955

TR-064 worm: it is not Mirai, but the outage behaviour is interesting

https://www.pentestpartners.com/blog/tr-064-worm-its-not-mirai-and-the-outages-are-interesting/

PoC for bypassing UAC using Event Viewer

https://github.com/rapid7/metasploit-framework/pull/7532

Shadow Stack to fight buffer overflows

http://deroko.phearless.org/shadow_stack.txt

MS Edge CMarkup::EnsureDeleteCFState UAF vulnerability

https://cxsecurity.com/issue/WLB-2016120015

Writeup for the Albania VulnHub vulnerable virtual machine

https://g0blin.co.uk/albania-vulnhub-writeup/

hashcat v3.20 released

https://hashcat.net/forum/thread-6085.html

Detecting endpoint threats by analyzing process logs with QRadar

https://securityintelligence.com/detect-endpoint-threats-by-analyzing-process-logs-in-qradar/

Apache Tomcat multi-version remote code execution CVE-2016-8735 (with PoC)

http://bobao.360.cn/learning/detail/3260.html

Original article link: https://www.anquanke.com/post/id/85047