【知识】11月30日 - 每日安全知识热点

热点概要：Google XSS Game Writeup、可以攻击Tor用户的Firefox 0day POC、Cobalt Strike和Empire与Aggressor Script的互操作性、调试ms08-067漏洞适应到x64平台

国内热词：

---

iCloud 日历广告邀请泛滥成灾

普京将中国的防火长城带到俄罗斯

雷神公司用定向能武器摧毁无人机

资讯类：

---

黑客在选举日破坏科威特议会大选，警告MP是伊朗间谍

http://news.softpedia.com/news/hackers-breach-kuwaiti-parliament-site-on-election-day-warn-mp-is-iranian-spy-510585.shtml

Firefox 0day被发现用于攻击TOR用户

http://arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/?amp=1

技术类：

---

【CTF攻略】CTF线下赛AWD模式下的生存技巧

http://m.bobao.360.cn/appctf/appdetail/169.html

Google XSS Game Writeup

https://b1ngz.github.io/google-xss-game-writeup/

黑产揭秘：“打码平台”那点事儿

https://jaq.alibaba.com/community/art/show?articleid=628

JSON-handle DomXSS Vulnerability (Ver 1.4.11 / 20160926)

https://www.n0tr00t.com/2016/11/29/firefox-addon-JSON-handle-DomXSS.html

可以攻击Tor用户的Firefox 0day POC

https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html

Cobalt Strike和Empire与Aggressor Script的互操作性

https://bluescreenofjeff.com/2016-11-29-beaconpire-cobalt-strike-and-empire-interoperability-with-aggressor-script/

PANDA 2.0公布

http://mailman.mit.edu/pipermail/panda-users/2016-November/000535.html

使用HollowFind Volatility Plugin检测欺骗性流程中心技术

https://cysinfo.com/detecting-deceptive-hollowing-techniques/

Edmodo的bug导致可以编辑任意post和改变隐私

https://arbingodar.com/idor-vulnerability-on-edmodo/

调试ms08-067漏洞适应到x64平台

https://labs.mwrinfosecurity.com/publications/hello-ms08-067-my-old-friend/

oracle JRE 不再信任md5签名

https://blogs.oracle.com/java-platform-group/entry/oracle_jre_will_no_longer

WinPower V4.9.0.4的提权漏洞

http://security.szurek.pl/winpower-v4904-privilege-escalation.html

Vicinity of obscurity！Fareit 木马通过未知文件类型来扩散

https://www.grahamcluley.com/vicinity-obscurity-fareit-trojan-spreading-uncommon-file-type/

VindowsLocker勒索软件使用新的骗局技术

http://www.bleepingcomputer.com/news/security/vindowslocker-ransomware-mimics-tech-support-scam-not-the-other-way-around/