每日安全动态推送(05-09)

Tencent Security Xuanwu Lab Daily News

• [PDF] https://sjtu.lijuanru.com/publications/dsn22-s.pdf:
https://sjtu.lijuanru.com/publications/dsn22-s.pdf

   ・ SIMulation – 对基于蜂窝网络的一键登录（One-Tap Authentication）方案的研究报告 – Jett

• [Virtualization] r/ReverseEngineering – Detecting Hypervisor-assisted Hooking:
https://www.reddit.com/r/ReverseEngineering/comments/uh9vy9/detecting_hypervisorassisted_hooking/

   ・ Detecting Hypervisor-assisted Hooking – Jett

• Raspberry Robin gets the worm early:
https://redcanary.com/blog/raspberry-robin/

   ・ Raspberry Robin – 利用 USB 并借助 Windows Installer 感染并传播的蠕虫 – Jett

• CVE-2022-0540 – Authentication bypass in Seraph:
https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/

   ・ Jira Seraph 认证绕过漏洞分析（CVE-2022-0540） – Jett

• Yours Truly, Signed AV Driver: Weaponizing an Antivirus Driver | Aon:
https://www.aon.com/cyber-solutions/aon_cyber_labs/yours-truly-signed-av-driver-weaponizing-an-antivirus-driver/

   ・ 恶意软件滥用 Avast 反病毒软件驱动的缺陷绕过检测 – Jett

• IAM Privilege Escalation in GCP:
https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation

   ・ GCP IAM 提权相关的资料整理 – Jett

• Hacking a Bank by Finding a 0day in DotCMS:
https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/

   ・ Hacking a Bank by Finding a 0day in DotCMS – Jett

• [Linux] Privilege Escalation Vulnerabilities Discovered In Linux Known As Nimbuspwn:
https://fourcore.io/blogs/nimbuspwn-linux-vulnerabilities-allows-root-access-cve-2022-29799-and-cve-2022-29800

   ・ linux 系统 systemd 组件 Nimbuspwn 本地提权漏洞分析（CVE-2022-29800） – Jett

• Fuzzing ClamAV with real malware samples:
https://mmmds.pl/clamav/

   ・ 利用 vx-underground 恶意软件库的样本 Fuzz ClamAV – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(05-09)