Tencent Security Xuanwu Lab Daily News
• GitHub – facebookexperimental/MIRAI: Rust mid-level IR Abstract Interpreter:
https://github.com/facebookexperimental/MIRAI
・ An interpreter for Rust mid-level IR developed by Facebook
– Jett
• Kernel Mode Threats and Practical Defenses:
https://youtu.be/BBJgKuXzfwc
・ Conference talk video on kernel mode threats and practical defenses.
– lanying37
• [Tools] Resources:
https://github.com/projectdiscovery/nuclei
・ Nuclei – a customizable fast vulnerability scanner based on YAML-syntax templates
– Jett
• GitHub – Group3r/Group3r: Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.:
https://github.com/Group3r/Group3r
・ Group3r – a tool for probing Group Policy configuration in AD environments
– Jett
• [Virtualization] Cloud-Architekt/AzureAD-Attack-Defense:
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense/blob/main/IdentitySecurityMonitoring.md
・ Overview of Microsoft Identity Security Monitoring
– Jett
• Brief analysis of the CVE-2022-0847 Linux kernel vulnerability:
https://tttang.com/archive/1480/
・ Brief analysis of the CVE-2022-0847 Linux kernel vulnerability.
– lanying37
• CVE-2022-22616: Simple way to bypass GateKeeper, hidden for years:
https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass/
・ Bypassing GateKeeper via a flaw in how Safari handles gzip
– Jett
• New threat: the Linux backdoor B1txor20, which uses DNS tunneling, is spreading via the Log4j vulnerability:
https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_cn/
・ The Linux backdoor B1txor20, which uses DNS tunneling, is spreading via the Log4j vulnerability
– Jett
• GitHub – Lucifer1993/SatanSword: Comprehensive red team penetration framework:
https://github.com/Lucifer1993/SatanSword
・ SatanSword – a comprehensive red team penetration framework
– Jett
• Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) – NCC Group Research:
https://research.nccgroup.com/2022/03/15/technical-advisory-apple-macos-xar-arbitrary-file-write-cve-2022-22582/
・ Analysis of the Apple macOS XAR arbitrary file write vulnerability (CVE-2022-22582)
– Jett
* To view or search past digests, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Digest (03-16)