最新消息:

每日安全动态(8-20)

安全期刊 J1anCan 473浏览 0评论

1. 来自Google的Project Zero团队的新闻和更新

https://googleprojectzero.blogspot.com/2018/08/the-problems-and-promise-of-webassembly.html

2. https://github.com/ohpe/juicy-potato#juicy-potato-abusing-the-golden-privileges

3. https://github.com/calebmadrigal/trackerjacker

4. https://github.com/JamesNewton/DroidScriptBusPirate

5. Foreshadow Attacks – 发现3个新的Intel CPU侧通道缺陷

https://thehackernews.com/2018/08/foreshadow-intel-processor-vulnerability.html

6. Microsoft.Workflow.Compiler.exe中的任意,未签名的代码执行向量

https://posts.specterops.io/arbitrary-unsigned-code-execution-vector-in-microsoft-workflow-compiler-exe-3d9294bc5efb

7. https://github.com/two06/Inception

8. 反射DLL和你
Reflective DLLs and You

9. https://github.com/infosecn1nja/Red-Teaming-Toolkit

10. DigitalBodyGuard

https://www.digitalbodyguard.com/graydragon.html

11. 深度防御 – 微软的方式(第48部分):傻瓜的特权升级 – 他们没有让这个愚蠢的失误?

http://seclists.org/fulldisclosure/2017/Jul/11

12. JavaScript Web应用程序和服务器易受ReDoS攻击

https://www.bleepingcomputer.com/news/security/javascript-web-apps-and-servers-vulnerable-to-redos-attacks/

13. 从Workstation到Domain Admin:为什么安全管理不安全以及如何解决问题(pdf)
https://i.blackhat.com/us-18/Wed-August-8/us-18-Metcalf-From-Workstation-To-Domain-Admin-Why-Secure-Administration-Isnt-Secure.pdf

14. Linux缓冲区溢出x86第2部分(覆盖和操作RETURN地址)

Linux Buffer Overflows x86 Part -2 ( Overwriting and manipulating the RETURN address)

15. Foreshadow Attacks – 发现3个新的Intel CPU侧通道缺陷
https://thehackernews.com/2018/08/foreshadow-intel-processor-vulnerability.html

转载请注明:即刻安全 » 每日安全动态(8-20)

您必须 登录 才能发表评论!



合作伙伴