March 25

Title: 2019.3.26

Author: admin

Operation ShadowHammer: a newly discovered supply chain attack that leveraged ASUS Live Update software.

Let’s play with Qulab, an exotic malware developed in AutoIT

The odd case of a Gh0stRAT variant

LockerGoga Ransomware Targets Aluminum Manufacturer Norsk Hydro, American Chemicals Companies Hexion and Momentive

Pat Bear (APT-C-37): Exposing ongoing attack activity targeting an armed organization

KBuster: Disclosure of a Korean cybercrime operation using fake Korean banking apps

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw (telling the story behind the discovery of CVE-2019-5241 & CVE-2019-5242 vulnerabilities in Huawei PC Manager driver)

VMware: Host VMX Process Impersonation Hijack EoP (CVE-2018-5511)

VMware: Host VMX Process COM Class Hijack EoP (CVE-2019-5512)

CVE-2019-7286 Part II: Gaining PC Control (iOS/OSX)

Multiple Vulnerabilities in Grandstream Products

Social Warfare (WordPress Plugins) XSS and RCE Vulnerabilities and Attack Data

Disclosure of a MOTS (Man-On-The-Side) attack method against the Wi-Fi WPA/WPA2 protocols

An Analysis of Pre-installed Android Software

One-Way Shellcode for firewall evasion using Out Of Band data

Some notes on identifying exit and hypercall handlers in HyperV

Abusing cryptocurrencies on Android smartphones

Riding the lightning: iLO4&5 BMC security wrap-up

Driving defense through offense: Thoughts on building an enterprise blue army

tools GogsOwnz is a simple script to gain administrator rights and RCE on a Gogs/Gitea server (CVE-2018-18925, CVE-2018-20303)

tools SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

tools xendbg: A feature-complete reference implementation of a modern Xen VMI debugger.

