{"type":"doc","content":[{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美东时间 2021 年 8 月 4 日下午,PWNIE 大奖揭晓"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美东当地时间 2021 年 8 月 4 日下午,"},{"type":"link","attrs":{"href":"https:\/\/pwnies.com\/nominations\/active\/","title":"xxx","type":null},"content":[{"type":"text","text":"美国黑帽大会(2020 届)年度 PWNIE 颁奖典礼"}]},{"type":"text","text":"在曼德勒湾英孚举行。为多个企业和个人颁发包括“反响最差的供应商”,“史诗级安全研究成就”,“最佳权限提升漏洞”等在内的共十个奖项,引发来自全球科技媒体的关注及报道。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"从“最佳漏洞”到“史诗般失败”,获奖者来自各行各业"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在这十大 PWNIE 奖项中,包含了九个漏洞奖项和一个与漏洞相关的颁奖典礼“最佳歌曲”奖。而获奖对象既有天才般的研究员如 Enes Goktas、Kaveh Razavi、Georgios Portokalidis,也有包括微软、NSA(美国国家安全局)在内的著名政府机构或企业,奖项涉猎范围广泛,获奖人员背景丰富多样。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"InfoQ 选取了其中五个具有代表性 PWINE 奖项进行说明,其奖项名称,获奖者以及获奖缘由如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳漏洞奖 --Sudo 中基于堆的缓冲区溢出。"},{"type":"text","text":"该奖项授予了 Qualys,表彰其识别了 Sudo 实用程序中的 CVE-2021-3156 漏洞,该漏洞允许攻击者获得 root 权限。值得一提的是,该漏洞在代码中存在了大约 10 年,因为它无法被模糊化,并且要发现该漏洞需要了解系统如何与 sudo 交互,使其成为一个非常聪明的发现。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳服务器端错误 --Microsoft Exchange Server。"},{"type":"text","text":"该奖项授予了 DevCore 首席安全研究员 Orange Tsai,表彰其检测到 Microsoft Exchange 上的新向量攻击。这次研究共发现了 7 个漏洞,其中 CVE-2021-26855 (ProxyLogon) 和 CVE-2021-27065 漏洞数据已经发布,前者允许攻击者在未经身份验证的情况下提取任意用户的数据,后者使得攻击者能够以管理员权限在服务器上执行代码。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳密码攻击 --Windows Clients and Servers。"},{"type":"text","text":"该漏洞由 "},{"type":"link","attrs":{"href":"https:\/\/www.nsa.gov","title":"xxx","type":null},"content":[{"type":"text","text":"NSA(美国国家安全局)"}]},{"type":"text","text":"发现并披露。由于微软在基于椭圆曲线的数字签名技术方面的漏洞 (CVE-2020-0601),攻击者可以根据公钥生成私钥,进而允许攻击者为 HTTPS 和在 Windows 中验证为可信的虚构数字签名创建虚假 TLS 证书,破坏证书信任链。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最具创新性的研究 --Blind ROP(BROP)。"},{"type":"text","text":"该奖项授予 VUSec 团队成员 Enes Goktas、Kaveh Razavi、Georgios Portokalidis、Herbert Bos、Cristiano Giuffrida,他们提供盲侧方法绕过基于寻址地址 (ASLR) 的保护,同时利用对处理器指令的推测执行而造成第三方渠道泄漏。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"史诗般的失败(Most Epic Fail)-- 打印机系统的噩梦。"},{"type":"text","text":"该奖项授予微软,表彰其多次发布的打印机代码执行漏洞 Printnightmare (CVE-2021-34527) 。在 Windows 的打印系统中,攻击者可以自由执行代码 -- 最初,微软将问题标记为本地问题,但后来发现攻击者还可以远程执行代码。于是微软为此发布更新,在前后多达四次的更新中,微软每次更新都只关闭了一个特例(总共有四个),这使得研究人员在每次更新后都能找到新的攻击方式,导致微软不得不继续进行下一次更新。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上述列举的奖项代表了一部分颁奖方向和当下的安全漏洞行业进展。不难看出,微软系统是漏洞重灾区,Linux也有相关漏洞;这一方面凸显了微软的系统的受众面之广,另一方面也在给相关企业\/社区不断敲响警钟--漏洞攻击防范非一朝一夕之功,只要有网络系统存在的地方,就有网络安全\/系统安全的隐患,作为计算机技术行业的从业者,应该多多关注,为漏洞安全尽一份自己的力量。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"“奥斯卡”与“金草莓”共存的黑客大奖"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美国黑帽(Black Hat)大会的年度 PWNIE 奖旨在表彰过去 12 个月内对网络安全行业产生某种影响的安全研究人员、供应商和其他人(包括媒体机构)。奖项提名来自整个安全社区,由一个受人尊敬的安全研究人员组成的小组审查提名。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"PWNIE 的奖项代表着社区成员的崇敬。一直以来,PWNIE 都是社区给有意义的实践者们颁发的行业级大奖,但同时也被用来谴责那些因安全故障而产生相反效果的人或者企业,例如上述的史诗般的失败(Most Epic Fail)大奖。也因此,PWINE 奖项被称为网络安全界的“奥斯卡”和“金草莓”奖。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2021 年,PWNIE 呼吁更多核安全相关的技术组织和研究人员来解决安全问题,推动他们在这一年中的对安全漏洞的正确利用和错误发现成为新闻,同时激励其在工作中为漏洞研究和攻击技术提供新的见解。该奖项持续关注安全领域的新发现,可能连续第二年表彰没有得到应有关注的研究。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"参考链接:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"https:\/\/pwnies.com\/winners"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"https:\/\/www.altusintel.com\/public-yy425x"}]}]}
安全界的“奥斯卡”奖揭晓,微软系统漏洞被列为“史诗般的失败”
{"type":"doc","content":[{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美东时间 2021 年 8 月 4 日下午,PWNIE 大奖揭晓"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美东当地时间 2021 年 8 月 4 日下午,"},{"type":"link","attrs":{"href":"https:\/\/pwnies.com\/nominations\/active\/","title":"xxx","type":null},"content":[{"type":"text","text":"美国黑帽大会(2020 届)年度 PWNIE 颁奖典礼"}]},{"type":"text","text":"在曼德勒湾英孚举行。为多个企业和个人颁发包括“反响最差的供应商”,“史诗级安全研究成就”,“最佳权限提升漏洞”等在内的共十个奖项,引发来自全球科技媒体的关注及报道。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"从“最佳漏洞”到“史诗般失败”,获奖者来自各行各业"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在这十大 PWNIE 奖项中,包含了九个漏洞奖项和一个与漏洞相关的颁奖典礼“最佳歌曲”奖。而获奖对象既有天才般的研究员如 Enes Goktas、Kaveh Razavi、Georgios Portokalidis,也有包括微软、NSA(美国国家安全局)在内的著名政府机构或企业,奖项涉猎范围广泛,获奖人员背景丰富多样。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"InfoQ 选取了其中五个具有代表性 PWINE 奖项进行说明,其奖项名称,获奖者以及获奖缘由如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳漏洞奖 --Sudo 中基于堆的缓冲区溢出。"},{"type":"text","text":"该奖项授予了 Qualys,表彰其识别了 Sudo 实用程序中的 CVE-2021-3156 漏洞,该漏洞允许攻击者获得 root 权限。值得一提的是,该漏洞在代码中存在了大约 10 年,因为它无法被模糊化,并且要发现该漏洞需要了解系统如何与 sudo 交互,使其成为一个非常聪明的发现。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳服务器端错误 --Microsoft Exchange Server。"},{"type":"text","text":"该奖项授予了 DevCore 首席安全研究员 Orange Tsai,表彰其检测到 Microsoft Exchange 上的新向量攻击。这次研究共发现了 7 个漏洞,其中 CVE-2021-26855 (ProxyLogon) 和 CVE-2021-27065 漏洞数据已经发布,前者允许攻击者在未经身份验证的情况下提取任意用户的数据,后者使得攻击者能够以管理员权限在服务器上执行代码。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最佳密码攻击 --Windows Clients and Servers。"},{"type":"text","text":"该漏洞由 "},{"type":"link","attrs":{"href":"https:\/\/www.nsa.gov","title":"xxx","type":null},"content":[{"type":"text","text":"NSA(美国国家安全局)"}]},{"type":"text","text":"发现并披露。由于微软在基于椭圆曲线的数字签名技术方面的漏洞 (CVE-2020-0601),攻击者可以根据公钥生成私钥,进而允许攻击者为 HTTPS 和在 Windows 中验证为可信的虚构数字签名创建虚假 TLS 证书,破坏证书信任链。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"最具创新性的研究 --Blind ROP(BROP)。"},{"type":"text","text":"该奖项授予 VUSec 团队成员 Enes Goktas、Kaveh Razavi、Georgios Portokalidis、Herbert Bos、Cristiano Giuffrida,他们提供盲侧方法绕过基于寻址地址 (ASLR) 的保护,同时利用对处理器指令的推测执行而造成第三方渠道泄漏。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","attrs":{"listStyle":null},"content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"史诗般的失败(Most Epic Fail)-- 打印机系统的噩梦。"},{"type":"text","text":"该奖项授予微软,表彰其多次发布的打印机代码执行漏洞 Printnightmare (CVE-2021-34527) 。在 Windows 的打印系统中,攻击者可以自由执行代码 -- 最初,微软将问题标记为本地问题,但后来发现攻击者还可以远程执行代码。于是微软为此发布更新,在前后多达四次的更新中,微软每次更新都只关闭了一个特例(总共有四个),这使得研究人员在每次更新后都能找到新的攻击方式,导致微软不得不继续进行下一次更新。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上述列举的奖项代表了一部分颁奖方向和当下的安全漏洞行业进展。不难看出,微软系统是漏洞重灾区,Linux也有相关漏洞;这一方面凸显了微软的系统的受众面之广,另一方面也在给相关企业\/社区不断敲响警钟--漏洞攻击防范非一朝一夕之功,只要有网络系统存在的地方,就有网络安全\/系统安全的隐患,作为计算机技术行业的从业者,应该多多关注,为漏洞安全尽一份自己的力量。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"“奥斯卡”与“金草莓”共存的黑客大奖"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"美国黑帽(Black Hat)大会的年度 PWNIE 奖旨在表彰过去 12 个月内对网络安全行业产生某种影响的安全研究人员、供应商和其他人(包括媒体机构)。奖项提名来自整个安全社区,由一个受人尊敬的安全研究人员组成的小组审查提名。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"PWNIE 的奖项代表着社区成员的崇敬。一直以来,PWNIE 都是社区给有意义的实践者们颁发的行业级大奖,但同时也被用来谴责那些因安全故障而产生相反效果的人或者企业,例如上述的史诗般的失败(Most Epic Fail)大奖。也因此,PWINE 奖项被称为网络安全界的“奥斯卡”和“金草莓”奖。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2021 年,PWNIE 呼吁更多核安全相关的技术组织和研究人员来解决安全问题,推动他们在这一年中的对安全漏洞的正确利用和错误发现成为新闻,同时激励其在工作中为漏洞研究和攻击技术提供新的见解。该奖项持续关注安全领域的新发现,可能连续第二年表彰没有得到应有关注的研究。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"参考链接:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"https:\/\/pwnies.com\/winners"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"https:\/\/www.altusintel.com\/public-yy425x"}]}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章