证券简称:天融信   证券代码:002212
安全通告
首页 > 技术支持 > 安全通告

每日攻防资讯简报[Apr.2th]

发布时间:2021-04-02查看次数:156
分享到

0x00漏洞

1.命令式编程语言Janet v1.1 REPL沙箱绕过

https://anee.me/janet-v1-1-repl-sandbox-bypass-f8bbe141a4f1

2.在QNAP制造的特定类型的NAS设备中发现的两个最近的漏洞及其潜在影响

https://securingsam.com/new-vulnerabilities-allow-complete-takeover/

3.SaltStack Salt API未经身份验证的远程命令执行

https://packetstormsecurity.com/files/162058/saltstack_salt_wheel_async_rce.rb.txt

0x01工具

1.Pagebuster:隐秘的转储所有(加壳程序)执行过的代码(Linux)

https://github.com/revng/pagebuster

https://rev.ng/blog/pagebuster/post.html

2.etherblob-explorer:使用Etherscan.io API在以太坊网络上搜索和提取Blob文件

https://github.com/litneet64/etherblob-explorer

3.CredMaster:通过Amazon AWS直通代理启动密码爆破,为每次身份验证尝转换IP地址

https://github.com/knavesec/CredMaster

0x02恶意代码

1.另一个Cobalt Strike Stager:GUID版

https://www.guidepointsecurity.com/yet-another-cobalt-strike-loader-guid-edition/

0x03技术

1.跨加壳器和DLL加载器的代码重用

https://blog.reversinglabs.com/blog/code-reuse-across-packers-and-dll-loaders

2.Intigriti — XSS Challenge 0321

https://infosecwriteups.com/intigriti-xss-challenge-0321-472ae0a48254

3.微软发布的《安全信号》研究报告,报告表明针对IoT固件的攻击依然在增加

https://www.microsoft.com/security/blog/2021/03/30/new-security-signals-study-shows-firmware-attacks-on-the-rise-heres-how-microsoft-is-working-to-help-eliminate-this-entire-class-of-threats/

4.2020年全球数据风险报告

https://go.talasecurity.io/global-data-risk-state-web-report-2020

5.通过回调执行Shellcode

https://osandamalith.com/2021/04/01/executing-shellcode-via-callbacks/

6.2021年Microsoft年度漏洞报告

https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report

7.拆解最新的O365网络钓鱼技术

https://info.phishlabs.com/blog/breaking-down-the-latest-o365-phishing-techniques-1

8.云原生安全101

https://www.intezer.com/blog/cloud-security/cloud-native-security-101/

9.2020年第四季度互联网安全报告,报告显示:无文件恶意软件攻击激增了900%,加密矿工卷土重来,而勒索软件攻击却在下降

https://www.watchguard.com/wgrd-resource-center/security-report-q4-2020

10.DDoS攻击的未来是什么样的

https://americansecuritytoday.com/what-does-the-future-of-ddos-attacks-look-like/


欧美一线高本道高清免费,日日摸夜夜添夜夜添国产91,一区二区不卡在线视频,国产国语脏话对白免费视频 网站地图