每日安全动态推送(01-06)

Tencent Security Xuanwu Lab Daily News

• [Wireless] 【PDF】软件无线电在漏洞挖掘领域的应用-完结篇:
https://radioactive.blog/2022/01/05/insec_world_2021_chengdu/

   ・ 软件无线电在漏洞挖掘领域的应用 – Jett

• [Tools] Tom Duff的C语言奇技淫巧:
https://mp.weixin.qq.com/s/druUoCzX-OuTOEwYjUUoiw

   ・ Tom Duff的C语言奇技淫巧. – lanying37

• hxp CTF 2021 – The End Of LFI?:
https://tttang.com/archive/1395/

   ・ hxp CTF 2021 – The End Of LFI? – lanying37

• We desperately need a way to rapidly notify people of high-impact vulnerabilities, so I built one: BugAlert.org:
https://mattslifebytes.com/2022/01/04/bugalert-org/

   ・ 有开发者开发了一个漏洞预警工具 BugAlert – Jett

• Toward a Best-of-Both-Worlds Binary Disassembler:
https://blog.trailofbits.com/2022/01/05/toward-a-best-of-both-worlds-binary-disassembler/

   ・ Toward a Best-of-Both-Worlds Binary Disassembler – Jett

• Technical Analysis of CVE-2021-1732:
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/technical-analysis-of-cve-2021-1732/

   ・ win32k CVE-2021-1732 window 对象类型混淆漏洞的分析 – Jett

• [Tools] arainho/awesome-api-security:
https://github.com/arainho/awesome-api-security

   ・ API 安全相关的工具和资料整理 – Jett

• 2224 – XNU: heap-use-after-free in inm_merge – project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2224

   ・ Issue 2224: XNU: heap-use-after-free in inm_merge – Jett

• Broward Breach Highlights Healthcare Supply-Chain Problems:
https://threatpost.com/broward-breach-healthcare-supply-chain/177401/

   ・ 因供应链安全问题，美国 Broward 系统泄露 130 万病人的健康数据 – Jett

• Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk – Check Point Research:
https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/

   ・ 据 Checkpoint 分析，Zloader 恶意软件利用 Windows 签名验证的缺陷将恶意 Payload 注入到合法签名的 DLL 文件中绕过杀软检测 – Jett

• From User to Domain Admin in (less than) 60 seconds: CVE-2021-42278/CVE-2021-42287:
https://www.fortinet.com/blog/threat-research/cve-2021-42278-cve-2021-42287-from-user-to-domain-admin-60-seconds

   ・ FortiGuard Labs 对 Active-Directory CVE-2021-42278/42287 漏洞的分析 – Jett

• Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot” – ZecOps Blog:
https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/

   ・ NoReboot – 有研究员实现对 iOS 关机过程伪造，“关机”后继续监控用户 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(01-06)