Tencent Security Xuanwu Lab Daily News
• Spymax: The android RAT and it works like that….:
https://insinuator.net/2022/09/spymax-the-android-rat-and-it-works-like-that/
・ Analysis of the features and implementation of the Android remote access tool Spymax
– Jett
• Defeating eBPF Uprobe Monitoring:
http://blog.quarkslab.com/defeating-ebpf-uprobe-monitoring.html
・ How eBPF uprobes are implemented and how to evade uprobe monitoring
– Jett
• Riding the InfoRail to Exploit Ivanti Avalanche – Part 2:
https://www.thezdi.com/blog/2022/9/7/riding-the-inforail-to-exploit-ivanti-avalanche-part-2
・ Attacking the Ivanti Avalanche MDM software by exploiting vulnerabilities in the InfoRail protocol
– Jett
• Attacking Firecracker: AWS’ microVM Monitor Written in Rust:
https://www.graplsecurity.com/post/attacking-firecracker
・ Attacking Firecracker: AWS’ microVM Monitor Written in Rust
– Jett
• Understanding Windows Containers Communication:
https://www.cyberark.com/resources/threat-research-blog/understanding-windows-containers-communication
・ Monitoring Windows container communication with the RPCMon tool
– Jett
• Fuzzing beyond memory corruption: Finding broader classes of vulnerabilities automatically:
http://security.googleblog.com/2022/09/fuzzing-beyond-memory-corruption.html
・ Using fuzzing to find non-memory-corruption vulnerabilities
– Jett
• A New Construction of the Native Deserialization Chain jdk8u20:
https://tttang.com/archive/1729/
・ A new construction of the native deserialization chain jdk8u20
– lanying37
• Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution · Sector 7:
https://sector7.computest.nl/post/2022-09-aveva-edge/
・ Analysis and exploitation of the AVEVA Edge SCADA software code execution vulnerability from the Pwn2Own Miami 2022 contest
– Jett
• Prototype Pollution Primer for Pentesters and Programmers:
https://labs.withsecure.com/blog/prototype-pollution-primer-for-pentesters-and-programmers/
・ Prototype Pollution Primer for Pentesters and Programmers
– Jett
• [Windows] Two RCEs in ZOHO ManageEngine OpManager:
https://da22le.github.io/zoho-manageengine-opmanager-%E4%B8%A4%E4%B8%AArce/
・ Two RCEs in ZOHO ManageEngine OpManager
– lanying37
• Constructing an Exploit for the Xalan-J XSLT Integer Truncation Vulnerability (CVE-2022-34169):
http://noahblog.360.cn/xalan-j-integer-truncation-reproduce-cve-2022-34169/
・ Exploiting the integer truncation vulnerability in the Xalan-J XSLT processor (CVE-2022-34169)
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab
Originally published on the WeChat official account Tencent Xuanwu Lab (腾讯玄武实验室): Daily Security News Push (09-09)