Tencent Security Xuanwu Lab Daily News
• SLUB overflow CVE-2021-42327:
https://docfate111.github.io/blog/securityresearch/2021/11/08/SLUBoverflow.html
・ SLUB overflow CVE-2021-42327
– Jett
• Detecting a Container Escape with Cilium and eBPF:
https://isovalent.com/blog/post/2021-11-container-escape
・ Detecting a Container Escape with Cilium and eBPF
– Jett
• [Tools] Fuzzing101 with LibAFL – Part I.V: Speed Improvements to Part I:
https://epi052.gitlab.io/notes-to-self/blog/2021-11-07-fuzzing-101-with-libafl-part-1.5/
・ Fuzzing101 with LibAFL – Part I.V: Speed Improvements to Part I
– lanying37
• AFL++ on Android with QEMU support:
https://alephsecurity.com/2021/11/16/fuzzing-qemu-android/
・ Building AFL++ with QEMU support so that Android binaries can be fuzzed directly on an Android device
– Jett
• New secret-spilling hole in Intel CPUs sends company patching (again):
https://arstechnica.com/gadgets/2021/11/intel-releases-patch-for-high-severity-bug-that-exposes-a-cpus-master-key/
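・ A new vulnerability has been found in Intel CPUs: with physical access, malicious firmware can be installed on the CPU chip, affecting BitLocker and DRM-related protections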
– Jett
• Attackers use domain fronting technique to target Myanmar with Cobalt Strike:
http://blog.talosintelligence.com/2021/11/attackers-use-domain-fronting-technique.html
・ Attackers use the "Domain Fronting" technique to redirect Myanmar government website traffic
– Jett
• New code injection vulnerability discovered in TensorFlow:
https://jfrog.com/blog/tensorflow-python-code-injection-more-eval-woes/
・ TensorFlow has a code injection vulnerability caused by improper argument handling
– Jett
• How to bypass reCaptcha V3 with Selenium Python? | by Abdul Basit | Analytics Vidhya | Medium:
https://medium.com/analytics-vidhya/how-to-bypass-recaptcha-v3-with-selenium-python-7e71c1b680fc
・ Using Python Selenium to bypass Google's reCaptcha V3 CAPTCHA
– Jett
• STAR Labs | Blog | Diving into Open-source LMS Codebases:
https://starlabs.sg/blog/2021/11/diving-into-open-source-lms-codebases/
・ Multiple vulnerabilities found in the open-source LMSs Chamilo and Moodle
– Jett
• Strategic web compromises in the Middle East with a pinch of Candiru | WeLiveSecurity:
https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/
・ In summer 2020, the website of the Iranian embassy in Abu Dhabi was injected with a watering-hole attack script
– Jett
• PID namespace:
http://blog.quarkslab.com/digging-into-linux-namespaces-part-1.html
・ An analysis of Linux namespaces, the process isolation technology behind container implementations
– Jett
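* To view or search past digest content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Digest (11-17)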