Tencent Security Xuanwu Lab Daily News
• UBfuzz: Finding Bugs in Sanitizer Implementations:
https://arxiv.org/abs/2401.04538v1
・ 介绍了一个新的测试框架UBfuzz,用于验证编译器中的sanitizer实现,发现了sanitizer中的31个漏洞,揭示了sanitizer存在的严重虚假负问题。
– SecTodayBot
• Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations:
https://www.youtube.com/watch?si=e9U9qoIq1AmEUKvy&v=ulktZxdN6nA&feature=youtu.be
・ 介绍了对抗模拟演示,是关于ATT&CK评估的关键概念
– SecTodayBot
• Continuously fuzzing Python C extensions:
https://blog.trailofbits.com/2024/02/23/continuously-fuzzing-python-c-extensions/
・ 使用Atheris工具对Python C扩展进行模糊测试,发现了cbor2库中的多个内存损坏漏洞。
– SecTodayBot
• Leveraging Binary Ninja IL to Reverse a Custom ISA: Cracking the “Pot of Gold” 37C3:
https://www.synacktiv.com/en/publications/leveraging-binary-ninja-il-to-reverse-a-custom-isa-cracking-the-pot-of-gold-37c3
・ 利用Binary Ninja中间语言(IL)来对自定义指令集架构(ISA)进行逆向工程,并利用该技术来破解37C3 CTF的Pot of Gold挑战。
– SecTodayBot
• Turla Leverages ‘Pelmeni Wrapper’ for Stealthy Kazuar Backdoor Delivery:
https://securityonline.info/turla-leverages-pelmeni-wrapper-for-stealthy-kazuar-backdoor-delivery/
・ 揭示了Turla利用‘Pelmeni Wrapper’交付隐秘的Kazuar后门的新战术,以及对Kazuar变种的分析。
– SecTodayBot
• Analysis of Glibc privilege escalation vulnerability “Looney Tunables” (CVE-2023-4911):
https://dev.to/tutorialboy/analysis-of-glibc-privilege-escalation-vulnerability-looney-tunables-cve-2023-4911-5e97
・ 介绍了Qualys公司威胁研究部门披露的Glibc权限提升漏洞。
– SecTodayBot
• Extracting PEAP Credentials from Wired Network Profiles:
https://itm4n.github.io/peap-credentials-wired-connections/
・ 从有线网络配置文件中提取PEAP凭据的方法。详细分析PEAP凭据存储和提取过程。
– SecTodayBot
• Exploring Windows UAC Bypasses: Techniques and Detection Strategies — Elastic Security Labs:
https://www.elastic.co/security-labs/exploring-windows-uac-bypasses-techniques-and-detection-strategies
・ 绕过用户账户控制(UAC)的方法
– SecTodayBot
• Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild:
https://buer.haus/2024/02/23/go-go-xss-gadgets-chaining-a-dom-clobbering-exploit-in-the-wild/
・ 讨论了发现跨站脚本(XSS)链的过程,以及详细分析了XSS漏洞的根本原因和方法。
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(2-27)