Tencent Security Xuanwu Lab Daily News
• [Fuzzing] [PDF] https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf:
https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf
・ Jit-Picking: Differential Fuzzing of JavaScript Engines (Paper)
– Jett
• A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 2):
https://tutorialboy24.blogspot.com/2022/09/a-detailed-talk-about-k8s-cluster.html
・ K8S cluster security from an attacker's perspective
– Jett
• ida_kcpp:
https://github.com/cellebrite-labs/ida_kcpp
・ ida_kcpp – an IDA Pro plugin that assists in analyzing the iOS kernelcache
– Jett
• Relaying YubiKeys:
https://cube0x0.github.io/Relaying-YubiKeys/
・ Relay attack against the YubiKey authentication device
– Jett
• Docker Explorer:
https://github.com/google/docker-explorer/
・ Offline forensic analysis tool for Docker filesystems, open-sourced by Google
– Jett
• [Tools] README.md:
https://github.com/hasherezade/pe-bear
・ PE-bear, a visual PE file reversing tool, is now open source
– Jett
• LDAP Nom Nom:
https://github.com/lkarlslund/ldapnomnom
・ Abusing LDAP Ping requests to anonymously brute-force Active Directory usernames
– Jett
• [Malware] The Bvp47 – Technical Details II:
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group_ii/
・ Bvp47 technical details analysis report II
– lanying37
• Out-of-bounds read information disclosure vulnerability in Microsoft Windows GDI+ EMR_SETPIXELV record:
https://www.seljan.hu/posts/out-of-bounds-read-information-disclosure-vulnerability-in-microsoft-windows-gdi-emr_setpixelv-record/
・ Analysis of a Windows GDI+ out-of-bounds read information disclosure vulnerability (CVE-2022-34728)
– Jett
• Practical Attacks against NTLMv1:
https://www.trustedsec.com/blog/practical-attacks-against-ntlmv1/
・ Practical Attacks against NTLMv1
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (09-19)