Tencent Security Xuanwu Lab Daily News
• LINE CTF 2022 – mail (pwn):
https://blog.idiot.sg/2022-03-27/line-ctf-2022-mail/
・ LINE CTF 2022 – mail (pwn) writeup
– Jett
• [Tools] Mining data from Cobalt Strike beacons:
https://research.nccgroup.com/2022/03/25/mining-data-from-cobalt-strike-beacons/
・ Mining data from Cobalt Strike beacons
– Jett
• Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch:
https://threatpost.com/google-chrome-zero-day-bugs-exploited-weeks-ahead-of-patch/179103/
・ Chrome ships an emergency update fixing a 0-day used by a North Korean APT group
– Jett
• Towards Practical Security Optimizations for Binaries:
https://blog.trailofbits.com/2022/03/25/towards-practical-security-optimizations-for-binaries/
・ Compiler optimizations can introduce security issues; research from Trail of Bits
– Jett
• [Tools] CoolerVoid/codecat:
https://github.com/CoolerVoid/codecat
・ CodeCat – a static code analysis tool that supports sink analysis of user input
– Jett
• [PDF] https://www2.cs.arizona.edu/~debray/Publications/vee21.pdf:
https://www2.cs.arizona.edu/~debray/Publications/vee21.pdf
・ Automated Bug Localization in JIT Compilers (Paper)
– Jett
• Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044):
https://flattsecurity.medium.com/finding-bugs-to-trigger-unauthenticated-command-injection-in-a-netgear-router-psv-2022-0044-2b394fb9edc
・ How the NETGEAR router command injection vulnerability (PSV-2022–0044) was discovered
– Jett
• CVE-2022-0995:
https://github.com/Bonfee/CVE-2022-0995
・ A researcher has published an exploit for the Linux kernel watch_queue out-of-bounds write vulnerability (CVE-2022-0995)
– Jett
• watchguard_cve-2022-26318:
https://github.com/Throns1956/watchguard_cve-2022-26318
・ Watchguard RCE CVE-2022-26318 PoC
– Jett
• PHP filter_var shenanigans:
https://pwning.systems/posts/php_filter_var_shenanigans/
・ Bypassing PHP filter_var checks by exploiting a bug in the filter itself
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab
Originally published on the WeChat official account 腾讯玄武实验室 (Tencent Xuanwu Lab): Daily Security News Push (03-28)