Daily Security News Push (07-08)

Penetration Techniques, 2 years ago (2022), admin
Tencent Security Xuanwu Lab Daily News


• 2022 Hufu (虎符) vdq (rust_cve) explained:
https://tttang.com/archive/1585/

   ・ 2022 Hufu (虎符) vdq (rust_cve) explained – lanying37


• [Tools] Automating binary vulnerability discovery with Ghidra and Semgrep – hn security:
https://security.humanativaspa.it/automating-binary-vulnerability-discovery-with-ghidra-and-semgrep/

   ・ Combines Ghidra's decompilation with Semgrep's code scanning to automate binary vulnerability discovery – Jett


• [Machine Learning] Whitepaper – Practical Attacks on Machine Learning Systems:
https://research.nccgroup.com/2022/07/06/whitepaper-practical-attacks-on-machine-learning-systems/

   ・ Practical security attacks against machine learning systems – Jett


• 0xFF Prologue:
https://n132.github.io/2022/07/04/S2.html

   ・ Writeup of the Google CTF 2022 Sandbox Escape challenge – Jett


• [Malware] Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit:
https://research.trendmicro.com/3OA8H10

   ・ The Black Basta ransomware has integrated an exploit for the PrintNightmare vulnerability into its attack toolkit – Jett


• [Malware] Brand-New HavanaCrypt Ransomware Poses as Google Software Update App Uses Microsoft Hosting Service IP Address as C&C Server:
https://research.trendmicro.com/3AvsM4A

   ・ The brand-new HavanaCrypt ransomware masquerades as a Google update package and uses Microsoft's web hosting service to disguise its C&C server – Jett


• Rolling Pwn Attack:
https://rollingpwn.github.io/rolling-pwn/

   ・ The "Rolling Pwn Attack" was found in Honda's keyless entry system: the rolling-code mechanism is flawed, allowing the vehicle to be controlled remotely – Jett


• [Vulnerability] SSD Advisory – Froxlor Server Management Panel File Upload Filter Bypass and RCE – SSD Secure Disclosure:
https://ssd-disclosure.com/ssd-advisory-froxlor-server-management-panel-file-upload-filter-bypass-and-rce/

   ・ A root command execution vulnerability was found in the Froxlor Server management panel – Jett


• GitHub – GhostPack/Koh: The Token Stealer:
https://github.com/GhostPack/Koh

   ・ Koh – a tool that steals Windows authentication credentials via the "Internal Monologue Attack" – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab


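Originally published on the WeChat official account Tencent Xuanwu Lab (腾讯玄武实验室): Daily Security News Push (07-08)

Copyright notice: posted by admin on July 8, 2022 at 12:09 PM.
When reposting, please credit: Daily Security News Push (07-08) | CTF导航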