26
10月

Tittle: 2018.10.26

0 作者:admin

Bitdefender & Law Enforcement Solve for Multiple Versions of GandCrab(1,4,5) with New Decryptor

Misconfigured Container Abused to Deliver Cryptocurrency-mining Malware

New Techniques to Uncover and Attribute Cobalt Gang Commodity Builders and Infrastructure Revealed

New DemonBot Discovered:DDoS botnet goes after Hadoop enterprise servers

BianLian - from rags to riches, the malware dropper that had a dream

Android/TimpDoor Turns Mobile Devices Into Hidden Proxies

Cutwail Spam Campaign Uses Steganography to Distribute URLZone

一键安装藏隐患,phpStudy 批量入侵的分析与溯源

Technical Rundown of WebExec (CVE-2018-15442) - Cisco Webex Meetings Desktop App for Windows RCE with SYSTEM privileges

tools Cisco WebEx RCE Metasploit Modules

tools Cisco WebEx RCE Nmap NSE

CVE-2018-14665 : Xorg X Server Privilege Escalation

tools POC for CVE-2018-14665

Exploit Remote Code Execution via jQuery-File-Upload <= 9.x (ImageMagick/Ghostscript)

Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities

Control Register Access Exiting and Crashing VMware

TBAL: an (accidental?) DPAPI Backdoor for local users

Another Word on Delegation-abusing resource-based constrained delegation to take over computer objects.

Building resilient C2 infrastructures using DNS over HTTPS (DoH)

How malicious mobile apps can abuse paired Bluetooth Low Energy peripherals

Playing with the Windows Notification Facility (WNF)

Source Level Debugging the XNU Kernel

Authentication done right: Consuming (and Serving) Oauth2.0

DAWG: A Defense Against Cache Timing Attacks in Speculative Execution Processors∗

TenSec 2018 大会议题材料

tools off-by-slash:Burp extension to detect alias traversal via NGINX misconfiguration at scale.

tools SharpCradle is a tool designed to help penetration testers or red teams download and execute .NET binaries into memory.


评论


当前没有评论,快来评论吧!





来说点什么吧