Tencent Security Xuanwu Lab Daily News
• Rules to Hack By – Offensivecon 2022 keynote:
https://www.slideshare.net/MarkDowd13/rules-to-hack-by-offensivecon-2022-keynote-251318003?qid=f231dd12-8cdb-46b4-8417-954621561b18&v=&b=&from_search=1
・ Mark Dowd 在 Offensivecon 2022 会议关于漏洞挖掘的演讲 PPT “Rules to Hack By”
– Jett
• [Vulnerability] What was the bug?:
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-logic-app-contributor-escalation-to-root-owner/
・ Escalating from Logic App Contributor to Root Owner in Azure
– Jett
• [Windows] Leaked stolen Nvidia cert can code-sign Windows malware:
https://www.theregister.com/2022/03/05/nvidia_stolen_certificate/
・ 除了三星,Nvidia 也被攻击发生数据泄露,泄露的签名密钥可以用来签发恶意软件
– Jett
• DeTT&CT : Mapping detection to MITRE ATT&CK – NVISO Labs:
https://blog.nviso.eu/2022/03/09/dettct-mapping-detection-to-mitre-attck/
・ DeTT&CT – 帮助衡量 MITRE ATT&CK 框架体系下威胁检测覆盖度的工具
– Jett
• Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis) | by Jang | Mar, 2022 | Medium:
https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
・ Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis)
– Jett
• [Tools] Introducing RunOF – Arbitrary BOF tool – Nettitude Labs:
https://labs.nettitude.com/blog/introducing-runof-arbitrary-bof-tool/
・ 不依赖 Cobalt agent 执行 BOF 文件的工具
– Jett
• [Tools] liamg/traitor:
https://github.com/liamg/traitor
・ Linux 自动化提权工具
– Jett
• HP addressed 16 High-Severity UEFI firmware flaws impacting laptops, desktops, PoS systemsSecurity Affairs:
https://securityaffairs.co/wordpress/128838/hacking/hp-uefi-firmware-flaws.html
・ HP 刚刚修复了 UEFI 固件的 16 个高危漏洞
– Jett
• Securing Developer Tools: Package Managers:
https://blog.sonarsource.com/securing-developer-tools-package-managers
・ 多款包管理器被发现安全漏洞
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-10)
