(Repost) Weekly Security Knowledge Update, 2020.8.3-8.9
Reposted from
Browser Vulnerabilities
•Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
https://github.com/sslab-gatech/pwn2own2020
Pwn2Own 2020 macOS exploit chain
•0day Exploit Root Cause Analyses
https://googleprojectzero.blogspot.com/p/rca.html
Analysis of three in-the-wild 0-days: CVE-2019-17026 (Firefox), CVE-2020-0674 (Internet Explorer), CVE-2020-6820 (Firefox)
•Understanding Web Security Checks in Firefox
https://blog.mozilla.org/attack-and-defense/2020/08/05/understanding-web-security-checks-in-firefox-part-2/
Analysis of the Web Security Checks mechanism in Firefox
Operating System Vulnerabilities
•Exploiting Android Messengers with WebRTC
https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-1.html
•Group Policies Going Rogue
https://www.cyberark.com/resources/threat-research-blog/group-policies-going-rogue
Analysis of the Windows group policy object (GPO) mechanism and vulnerability discovery
•TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices
https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices
TiYunZong vulnerability materials
•Breaking Samsung’s Root of Trust: Exploiting Samsung S10 Secure Boot
https://t.co/An06bgtX76?amp=1
Slides for the Black Hat 2020 talk "Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot"
•iOS Kernel PAC, One Year Later
https://bazad.github.io/presentations/BlackHat-USA-2020-iOS_Kernel_PAC_One_Year_Later.pdf
Slides for the Black Hat 2020 talk "iOS Kernel PAC, One Year Later"
Application Vulnerabilities
•MMS Exploit Part
https://googleprojectzero.blogspot.com/2020/07/mms-exploit-part-1-introduction-to-qmage.html
•The danger of world writable NFS shares
https://medium.com/@securityshenaningans/the-danger-of-world-writable-nfs-shares-39ecfe868468
The dangers of NFS shares
•Ghostscript SAFER Sandbox Breakout (CVE-2020-15900)
https://insomniasec.com/blog/ghostscript-cve-2020-15900
Analysis of the Ghostscript vulnerability CVE-2020-15900
•Path Traversal Vulnerability in SecurEnvoy impacts on remote command execution through file upload
https://sidechannel.tempestsi.com/path-traversal-vulnerability-in-securenvoy-impacts-on-remote-command-execution-through-file-upload-ec2e731bd50a
Analysis of the SecurMail file upload vulnerability
•How i find Blind Remote Code Execution vulnerability
https://medium.com/@viveik.chauhan/blind-remote-code-execution-b9c4e119f7c3
Blind RCE analysis
•Hacking Cisco SD-WAN vManage 19.2.2 — From CSRF to Remote Code Execution
https://medium.com/walmartglobaltech/hacking-cisco-sd-wan-vmanage-19-2-2-from-csrf-to-remote-code-execution-5f73e2913e77
Analysis of the CSRF-to-RCE vulnerability in Cisco SD-WAN vManage 19.2.2
•Pwn2Own -> Xxe2Rce
http://muffsec.com/blog/?p=608
Analysis of the XXE-to-RCE vulnerability from Pwn2Own
•Vulnerabilities in the Openfire Admin Console
https://swarm.ptsecurity.com/openfire-admin-console/
Analysis of Openfire Admin Console vulnerabilities
•AST Injection, Prototype Pollution to RCE
https://blog.p6.is/AST-Injection/
Analysis of AST injection and prototype-chain vulnerabilities
IoT Vulnerabilities
•Don’t be silly – it’s only a lightbulb
https://research.checkpoint.com/2020/dont-be-silly-its-only-a-lightbulb/
Analysis of ZigBee lighting devices
Vulnerability Discovery
•Fuzzing afdko with AFL in 32bit Mode
https://hardik05.wordpress.com/2020/08/08/fuzzing-afdko-with-afl-in-32bit-mode/
Fuzzing afdko with AFL
•Capturing memory corruptions with symbolic execution - Introduction to KLEE (part 3)
https://www.youtube.com/watch?v=XLtoWNbnfK0
Vulnerability discovery through execution
Other
•Bypassing internet connectivity and copy-paste restriction to Infiltrating malicious data
http://www.mannulinux.org/2020/08/bypassing-internet-connectivity-and.html
Bypassing restrictions on transferring malicious data
•Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks
https://modernnetsec.io/intel-arm-ibm-amd-processors-vulnerable-to-new-side-channel-attacks/
Methods for side-channel attacks on CPUs
•Over 400 vulnerabilities on Qualcomm’s Snapdragon chip threaten mobile phones’ usability worldwide
https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/
Analysis of Digital Signal Processor vulnerabilities
•DEFCON 2020 Live Notes
https://nullsweep.com/defcon-2020-live-notes/
Notes on DEF CON 2020 conference talks