Tencent Security Xuanwu Lab Daily News
• [Tools] What does it do?:
https://github.com/DavidBuchanan314/monomorph
・ MD5-Monomorphic Shellcode Packer – 向可执行文件中插入 Shellcode 但保持 MD5 不变的工具
– Jett
• [Defend] Hunting for Unsigned DLLs to Find APTs:
https://bit.ly/3CkHPi9
・ 基于未签名 DLL 加载的行为事件检测 APT
– Jett
• 最新CS RCE曲折的复现路:
https://mp.weixin.qq.com/s/l5e2p_WtYSCYYhYE0lzRdQ
・ 最新 CS RCE 曲折的复现路(CVE-2022-39197)
– Jett
• In the Hunt for the Auto Login Setup Process:
https://www.offensive-security.com/offsec/in-the-hunt-for-the-auto-login-setup-process/
・ 研究员对 macOS Auto Login 自动登录配置过程的研究
– Jett
• Tell Me Where You Live and I Will Tell You About Your P@ssw0rd: Understanding the Macrosocial Factors Influencing Password’s Strength:
https://www.gosecure.net/blog/2022/09/26/tell-me-where-you-live-and-i-will-tell-you-about-your-password-understanding-the-macrosocial-factors-influencing-passwords-strength/
・ 不同国家以及语言环境对用户设置的密码强度的影响
– Jett
• [Windows] Microsoft Windows Shift F10 Bypass and Autopilot privilge escalation:
https://k4m1ll0.com/ShiftF10Bypass-and-privesc.html
・ 利用 Shift F10 键在装有 Windows Autopilot 的环境中实现提权
– Jett
• [Tools] Starter Guide to BJT Transistors (ElectroBOOM101 – 011):
https://youtu.be/2uowMENwiHQ
・ BJT 晶体管入门指南教程视频(ElectroBOOM101 – 011)
– lanying37
• Druva inSync for Mac Local Privilege Escalation:
https://imhotepisinvisible.com/druva-lpe/
・ 企业云同步工具 Druva inSync macOS 本地提权漏洞分析
– Jett
• Every authorization has its black: tackling privilege escalation in macOS:
https://hitcon.org/2022/en/agenda/2492d003-197e-44ac-bfe0-135bf5cd1707/
・ HITCON 会议关于 macOS 授权认证机制以及提权漏洞的议题
– Jett
• Vultron: A Protocol for Coordinated Vulnerability Disclosure:
https://insights.sei.cmu.edu/blog/vultron-a-protocol-for-coordinated-vulnerability-disclosure/
・ Vultron – 多方漏洞合作披露的协议
– Jett
• [Malware] Erbium Stealer Malware Report:
https://www.cyfirma.com/outofband/erbium-stealer-malware-report/
・ Erbium Stealer 恶意软件分析报告
– lanying37
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(09-27)
