Daily Security News Push (03-17)

Penetration Techniques 3 years ago (2022) admin
Tencent Security Xuanwu Lab Daily News


• [Virtualization] Kubernetes and CRI-O release patch for vulnerability today; CrowdStrike customers protected:
https://www.crowdstrike.com/blog/cr8escape-new-vulnerability-discovered-in-cri-o-container-engine-cve-2022-0811/

   ・ cr8escape – a container escape vulnerability (CVE-2022-0811) was discovered in CRI-O, the Kubernetes container engine – Jett


• [Vulnerability] Security Vulnerabilities Found in ClickHouse Open-Source Software:
https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/

   ・ Multiple vulnerabilities were found in ClickHouse DBMS, one of which is a remote heap overflow that can achieve RCE – Jett


• Azure AD – Attack and Defense Playbook:
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense

   ・ Attack and defense for Azure Active Directory – Jett


• [Malware] [PDF] https://docs.brandefense.io/af3ca880b0c25832d07d441d75b05eceb5a48d04b2cc0d855c89622dbd3bb933.pdf:
https://docs.brandefense.io/af3ca880b0c25832d07d441d75b05eceb5a48d04b2cc0d855c89622dbd3bb933.pdf

   ・ Analysis report on HermeticWiper, malware that destroys the MBR partition – Jett


• Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters:
https://thehackernews.com/2022/03/unpatched-rce-bug-in-dompdf-project.html

   ・ An RCE vulnerability was found in dompdf, an HTML->PDF document conversion tool – Jett


• Top 10 CI/CD Security Risks:
https://github.com/cider-security-research/top-10-cicd-security-risks

   ・ Top 10 CI/CD Security Risks – Jett


• [Tools, Malware] Arya: The New Tailor-Made EICAR Using Yara:
https://claroty.com/2022/03/16/blog-research-arya-the-new-tailor-made-eicar-using-yara/

   ・ Arya – a tool that generates malicious samples based on Yara rules – Jett


• [Tools] Securing Developer Tools: Git Integrations:
https://blog.sonarsource.com/securing-developer-tools-git-integrations/

   ・ Securing Developer Tools: Git Integrations – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (03-17)

Copyright notice: posted by admin on March 17, 2022 at 12:19 PM.
When reposting, please credit: Daily Security News Push (03-17) | CTF导航
