0x00 Vulnerabilities
1. Critical buffer overflow vulnerabilities in Cisco SD-WAN (CVE-2021-1300 / CVE-2021-1301)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
2. Exploiting a use-after-free in Chrome's WebAssembly engine (CVE-2020-15994)
https://blog.br0vvnn.io/pages/blogpost.aspx?id=5
3. PoC for kernel code execution on FreeBSD using the new vulnerability found by TheFlow
https://gist.github.com/sleirsgoevy/ff591bfdc3a6f7573ed2388b018b31ec
0x01 Tools
1. Reconftw: a simple script designed to perform full reconnaissance against a target with many subdomains
https://github.com/six2dez/reconftw
2. MobileHackersWeapons: a collection of mobile hacking tools
https://github.com/hahwul/MobileHackersWeapons
3. Tritium: a tool for enumerating and password-spraying valid Active Directory accounts via Kerberos pre-authentication
https://github.com/S4R1N/Tritium
0x02 Malware
1. Deep dive into the second stage of the Solorigate campaign: from SUNBURST to TEARDROP and Raindrop
https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
2. Analysis of an intrusion: the attacker brute-forced the local administrator password over RDP, then dumped credentials with Mimikatz
https://thedfirreport.com/2021/01/18/all-that-for-a-coinminer/
3. A deep dive into the Patchwork APT group
https://cybleinc.com/2021/01/20/a-deep-dive-into-patchwork-apt-group/
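The intrusion in item 2 above starts with an RDP password brute force followed by a successful logon. The detection below is an added example written for this digest; it is not code from The DFIR Report or from any of the linked pages. It assumes Windows Security events have already been flattened to one line per event ("timestamp EventID LogonType TargetUser SourceIP"); the sample log lines are constructed for the example, and the threshold and window are arbitrary tuning choices.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample Security log lines (not taken from the DFIR report).
# Format: "<ISO timestamp> <EventID> <LogonType> <TargetUser> <SourceIP>"
# 4625 = failed logon, 4624 = successful logon,
# logon type 10 = RemoteInteractive, i.e. RDP.
SAMPLE_LOG = """\
2021-01-10T03:00:01 4625 10 Administrator 203.0.113.45
2021-01-10T03:00:02 4625 10 Administrator 203.0.113.45
2021-01-10T03:00:03 4625 10 Administrator 203.0.113.45
2021-01-10T03:00:04 4625 10 Administrator 203.0.113.45
2021-01-10T03:00:05 4625 10 Administrator 203.0.113.45
2021-01-10T03:00:09 4624 10 Administrator 203.0.113.45
2021-01-10T03:05:00 4625 10 jsmith 198.51.100.7
2021-01-10T03:06:00 4624 10 jsmith 198.51.100.7
2021-01-10T04:00:00 4625 3 svc_backup 192.0.2.10
"""


def parse_events(text):
    """Parse the flattened log format above into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event_id, logon_type, user, src = line.split()
        events.append({
            "ts": datetime.fromisoformat(ts),
            "event_id": int(event_id),
            "logon_type": int(logon_type),
            "user": user,
            "src": src,
        })
    return events


def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag any source IP that produces at least `threshold` RDP (logon type 10)
    failures within `window`, and record whether a later RDP success from the
    same IP followed the burst, which is the "password guessed" signal.
    Threshold and window are hypothetical tuning values for this example."""
    recent_failures = defaultdict(deque)  # src -> timestamps of recent 4625s
    findings = {}                         # src -> finding dict (one per IP)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["logon_type"] != 10:        # only RemoteInteractive logons
            continue
        src = ev["src"]
        if ev["event_id"] == 4625:
            q = recent_failures[src]
            q.append(ev["ts"])
            while q and ev["ts"] - q[0] > window:  # slide the window
                q.popleft()
            if len(q) >= threshold and src not in findings:
                findings[src] = {
                    "src": src,
                    "first_alert": ev["ts"],
                    "failures": len(q),
                    "succeeded_as": None,
                    "success_at": None,
                }
        elif ev["event_id"] == 4624 and src in findings:
            f = findings[src]
            if f["succeeded_as"] is None:  # first success after the burst
                f["succeeded_as"] = ev["user"]
                f["success_at"] = ev["ts"]
    return list(findings.values())


if __name__ == "__main__":
    for f in detect_rdp_bruteforce(parse_events(SAMPLE_LOG)):
        print(f"{f['src']}: {f['failures']} RDP failures by {f['first_alert']}, "
              f"then success as {f['succeeded_as']} at {f['success_at']}")
```

On the constructed sample, only 203.0.113.45 crosses the threshold, and the 4624 four seconds later marks the brute force as successful; the single jsmith failure and the network (type 3) failure are ignored. In a real deployment the burst-then-success pattern is what turns a noisy "many 4625s" alert into a high-confidence one, and the source IP and account from the finding are the pivot for the next stage the report describes (credential dumping on the host that was logged into).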
0x03 Techniques
1. Reversing Harley's tuner, part 2
https://therealunicornsecurity.github.io/Powervision-2/
2. Writing a reverse shell and a process dumper in pure VBA
https://john-woodman.com/research/malicious-vba-macros-trials-tribulations/
3. Emulating kernel-mode rootkits with Speakeasy
https://www.fireeye.com/blog/threat-research/2021/01/emulation-of-kernel-mode-rootkits-with-speakeasy.html