Tencent Security Xuanwu Lab Daily News
• [PDF] https://arxiv.org/pdf/2204.05122.pdf:
https://arxiv.org/pdf/2204.05122.pdf
・ 公有云 IP 重用的威胁和防御方法分析 Paper
– Jett
• Access Denied:
https://www.akamai.com/blog/security/critical-remote-code-execution-vulnerabilities-windows-rpc-runtime
・ 昨天微软修复的 Windows RPC 组件 3 个高危 RCE 漏洞的分析
– Jett
• Obfuscated obfuscation:
https://blog.lexfo.fr/dexguard.html
・ 基于 jadx 的 APK 代码反混淆分析
– Jett
• 新威胁:闷声发大财的Fodcha僵尸网络:
https://blog.netlab.360.com/men-sheng-fa-da-cai-fodchajiang-shi-wang-luo/
・ 新威胁:闷声发大财的Fodcha僵尸网络
– Jett
• [PDF] https://nebelwelt.net/files/22NDSS2.pdf:
https://nebelwelt.net/files/22NDSS2.pdf
・ Preventing Kernel Hacks with HAKC
– Jett
• Coercing NTLM Authentication from SCCM:
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
・ Coercing NTLM Authentication from SCCM
– Jett
• How I hacked an ESA’s experimental satellite(译文):
https://tttang.com/archive/1542/
・ How I hacked an ESA’s experimental satellite(译文)
– lanying37
• Proof of Concept: CVE-2022-21907 HTTP Protocol Stack Remote Code Execution Vulnerability:
https://www.coresecurity.com/core-labs/articles/proof-concept-cve-2022-21907-http-protocol-stack-remote-code-execution
・ http.sys 远程 CVE-2022-21907 漏洞的分析,CoreSecurity 公开了一个拒绝服务的 PoC,但该漏洞理论上可以 RCE
– Jett
• [CTF] Table of Contents:
https://github.com/cider-security-research/cicd-goat
・ 以 CTF 形式学习 CI/CD 安全的模拟环境
– Jett
• LSPosed Framework:
https://github.com/LSPosed/LSPosed
・ LSPosed – 基于 OG Xposed 提供 ART 的框架
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(04-14)
