恶意软件 Malware
Cerberus银行木马研究
https://github.com/ics-iot-bootcamp/cerberus_research
安全研究 Security Research
CVE-2020-9715: AdobeReader UAF漏洞分析
https://www.zerodayinitiative.com/blog/2020/9/2/cve-2020-9715-exploiting-a-use-after-free-in-adobe-reader
利用内存级漏洞实现 Java 运行时 SecurityManager 沙盒逃逸
https://insinuator.net/2020/09/java-buffer-overflow-with-bytebuffer-cve-2020-2803-and-mutable-methodtype-cve-2020-2805-sandbox-escapes/
卡巴斯基对PowerFall行动中所使用的CVE-2020-0986漏洞及其变体的分析
https://securelist.com/operation-powerfall-cve-2020-0986-and-variants/98329/
利用 Bitlocker 实现 Windows 10 锁屏绕过和特权提升
https://docs.google.com/document/d/1S4jU7knBG_Km_AdHXf8JyE8zl0SOxQ9VvYFPanQy1g8/edit
CVE-2020-7460: FreeBSD内核权限提升漏洞分析
https://www.thezdi.com/blog/2020/9/1/cve-2020-7460-freebsd-kernel-privilege-escalation
ProjectZero: WebKit JIT 漏洞分析
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-one.html
ProjectZero: JIT 漏洞利用之读写能力的获得
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-two.html
ProjectZero: JIT 漏洞利用之内存保护机制绕过
https://googleprojectzero.blogspot.com/2020/09/jitsploitation-three.html
安全资讯 Security Information
Microsoft Defender可被用于下载恶意软件
https://twitter.com/mohammadaskar2/status/1301263551638761477
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论