热点概要:对Google公布的OSS-Fuzz初始印象、使用Powershell和PNG在Imgur上投毒、Shadow Stack 阻击缓冲区溢出漏洞、Apache Tomcat多版本远程代码执行CVE-2016-8735(附POC)
国内热词:
甲骨文可能终止了Solaris开发
USB Killer 开始大规模生产,售价50美元
Google公共NTP服务器将通过“降速”增加闰秒
Fitbit以4000万美元收购Pebble
沙特遭到毁灭性黑客攻击
苹果将用无人机提高苹果地图质量
资讯类:
缓冲区溢出漏洞能够绕过iOS 10.1.1的激活锁
分布式猜解VISA信用卡账号仅仅需要6秒
http://securityaffairs.co/wordpress/54036/hacking/distributed-guessing-attack.html
技术类:
对Google公布的OSS-Fuzz初始印象
https://alexgaynor.net/2016/dec/03/oss-fuzz-initial-impressions/
RedStar OS 3.0:远程命令注入漏洞
https://www.myhackerhouse.com/redstar-os-3-0-remote-arbitrary-command-injection/
使用Powershell和PNG在Imgur上投毒
http://colin.keigher.ca/2016/12/going-viral-on-imgur-with-powershell.html
BitUnmap: Attacking Android Ashmem
https://googleprojectzero.blogspot.jp/2016/12/bitunmap-attacking-android-ashmem.html
玩转CSRF之挖洞实例分享
https://www.ohlinge.cn/web/web_csrf.html
PowerForensics:提供现场硬盘取证分析的powershell平台
https://github.com/Invoke-IR/PowerForensics
Android: system_server中的代码载入绕过漏洞
https://bugs.chromium.org/p/project-zero/issues/detail?id=955
TR-064蠕虫:虽然不是mirai,但是有趣的断网行为
https://www.pentestpartners.com/blog/tr-064-worm-its-not-mirai-and-the-outages-are-interesting/
使用事件查看器(event viewer)绕过UAC的poc
https://github.com/rapid7/metasploit-framework/pull/7532
Shadow Stack to fight buffer overflows
http://deroko.phearless.org/shadow_stack.txt
MS Edge CMarkup::EnsureDeleteCFState UAF漏洞
https://cxsecurity.com/issue/WLB-2016120015
Albania VulnHub 漏洞虚拟机的 Writeup
https://g0blin.co.uk/albania-vulnhub-writeup/
hashcat v3.20发行
https://hashcat.net/forum/thread-6085.html
使用Qradar分析进程日志,检测终端威胁
https://securityintelligence.com/detect-endpoint-threats-by-analyzing-process-logs-in-qradar/
Apache Tomcat多版本远程代码执行CVE-2016-8735(附POC)
http://bobao.360.cn/learning/detail/3260.html
文章原文链接:https://www.anquanke.com/post/id/85047