转载

9月29日 - 每日安全知识热点

【知识】9月29日 - 每日安全知识热点

2017-09-29 10:27:13 阅读：8次来源：安全客

作者：童话

9月29日 - 每日安全知识热点

热点概要：Mac OS X本地Javascript隔离绕过，可实现任意文件读取、 BlueBorne 蓝牙漏洞深入分析与PoC、 DerbyCon 2017 CTF Write Up 、tinfoleak：获取有关Twitter用户活动的详细信息、黑帽SEO剖析之手法篇、 CVE-2017-8046: RCE in PATCH requests in Spring Data REST、 Powershell安全最佳实践、Browser hacking for 280 character tweets

国内热词（以下内容部分来自： http://www.solidot.org/ ）

新浪微博招募千名监督员

中国比特币玩家转战海外

技术类：

Mac OS X本地Javascript隔离绕过，可实现任意文件读取

https://www.wearesegment.com/research/Mac-OS-X-Local-Javascript-Quarantine-Bypass.html

中文版： http://bobao.360.cn/learning/detail/4496.html

tinfoleak：获取有关Twitter用户活动的详细信息

https://github.com/vaguileradiaz/tinfoleak

在Linux 4.13和Go中玩转内核TLS

https://blog.filippo.io/playing-with-kernel-tls-in-linux-4-13-and-go/

BlueBorne 蓝牙漏洞深入分析与PoC

http://bobao.360.cn/learning/detail/4495.html

Dawnscanner：针对ruby应用的源码安全扫描器

https://github.com/thesp0nge/dawnscanner

未授权访问漏洞总结

https://www.secpulse.com/archives/61101.html

黑帽SEO剖析之手法篇

https://thief.one/2017/09/28/1/

BLEACH简单介绍

https://www.evilsocket.net/2017/09/23/This-is-not-a-post-about-BLE-introducing-BLEAH/

针对NFS服务的渗透测试指南

https://pentestacademy.wordpress.com/2017/09/20/nfs/

Win-Sec：Windows下自动化加固脚本

http://seclist.us/win-sec-windows-automation-system-hardening-scripts.html

防火墙工作原理浅析

https://forum.reverse4you.org/showthread.php?t=2627

btproxy：蓝牙中间人分析工具

https://github.com/conorpp/btproxy

每一个安全从业者都应该知道的10个nmap命令

https://www.peerlyst.com/posts/top-10-nmap-commands-every-hacker-should-know?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_resource

Subverting Trust in Windows

https://specterops.io/assets/resources/SpecterOps_Subverting_Trust_in_Windows.pdf

DerbyCon 2017 CTF Write Up

https://labs.nettitude.com/blog/derbycon-2017-ctf-write-up/#top

Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing

https://arxiv.org/pdf/1611.06952.pdf

银行木马企图窃取Brazillion$

http://blog.talosintelligence.com/2017/09/brazilbanking.html

这个Spring高危漏洞，你修补了吗？

https://mp.weixin.qq.com/s/uTiWDsPKEjTkN6z9QNLtSA

CVE-2017-8046: RCE in PATCH requests in Spring Data REST

https://pivotal.io/security/cve-2017-8046

利用Apple设备上的Wi-Fi协议栈

https://googleprojectzero.blogspot.de/2017/09/over-air-vol-2-pt-1-exploiting-wi-fi.html

TLS 1.2 Session Tickets浅谈

https://blog.filippo.io/we-need-to-talk-about-session-tickets/

借用Microsoft代码签名证书

https://blog.conscioushacker.io/index.php/2017/09/27/borrowing-microsoft-code-signing-certificates/

Browser hacking for 280 character tweets

http://blog.erratasec.com/2017/09/browser-hacking-for-280-character-tweets.html#.WczQl8a-uUk

form-grabber恶意代码分析

https://thisissecurity.stormshield.com/2017/09/28/analyzing-form-grabber-malware-targeting-browsers/

Powershell安全最佳实践

https://www.digitalshadows.com/blog-and-research/powershell-security-best-practices/

Exploring Robotics with the Hedgehog Robotics Controller

http://www.deviceplus.com/inspire/exploring-robotics-with-the-hedgehog-robotics-controller/?src=designspark

Evasive Malware Campaign Abuses Free Cloud Service, Targets Korean Speakers

http://blog.fortinet.com/2017/09/20/evasive-malware-campaign-abuses-free-cloud-service-targets-korean-speakers?elq_source=socialmedia&utm_source=TWITTER&utm_id=70186&linkId=42854335

Getting the goods with CrackMapExec: Part 1

https://byt3bl33d3r.github.io/getting-the-goods-with-crackmapexec-part-1.html

Botnet in the Browser: Understanding Threats Caused by Malicious Browser Extensions

https://arxiv.org/pdf/1709.09577.pdf

Server-side browsing considered harmful

http://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf

CVE-2017-12166: out of bounds write in key-method 1

https://community.openvpn.net/openvpn/wiki/CVE-2017-12166

Chromium RCE Vulnerability Fix

https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix

MIT Tool Lets Programmers Port Source Code Between Incompatible Projects

https://www.bleepingcomputer.com/news/technology/mit-tool-lets-programmers-port-source-code-between-incompatible-projects/