每日安全动态推送(11-14)

Tencent Security Xuanwu Lab Daily News

• The exploit recon ‘msg_msg’ and its mitigation in VED:
https://hardenedvault.net/blog/2022-11-13-msg_msg-recon-mitigation-ved/

   ・ Linux msg_msg 结构在漏洞利用中的应用以及相关的利用缓解措施分析 – Jett

• [Reverse Engineering, Firmware] Reverse engineering an EV charger:
https://www.mnemonic.io/resources/blog/reverse-engineering-an-ev-charger/

   ・ 挪威一款流行的 Zaptec Pro 电动车充电桩的安全研究报告 – Jett

• Windows Kernel: Exploit CVE-2022-35803 in Common Log File System:
https://blog.northseapwn.top/2022/11/11/Windows-Kernel-Exploit-CVE-2022-35803-in-Common-Log-File-System/index.html

   ・ Windows CLFS 日志文件系统 CVE-2022-24481 野外漏洞的分析以及补丁的绕过分析 – Jett

• [Tools] Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux:
https://research.kudelskisecurity.com/2022/11/10/introducing-shufflecake-plausible-deniability-for-multiple-hidden-filesystems-on-linux/

   ・ Shufflecake – 在 Linux 系统中创建隐藏分区的工具 – Jett

• [Tools] Using Rust and Ptrace to invoke syscalls:
https://medium.com/@0xFounders/using-rust-and-ptrace-to-invoke-syscalls-262dc585fcd3

   ・ 利用 Ptrace 的调试能力实现跨进程任意 syscall 调用 – Jett

• Exploitation of CVE-2020-9802: a WebKit JIT Bug:
https://shxdow.me/cve-2020-9802/

   ・ WebKit JavaScriptCore JIT CVE-2020-9802 漏洞的分析和利用 – Jett

• [Tools] KULeuven-COSIC/Starlink-FI:
https://github.com/KULeuven-COSIC/Starlink-FI

   ・ 从硬件角度研究 SpaceX Starlink 终端的安全性，利用电压错误注入的技术实现任意代码执行 – Jett

• [Malware] Phishing with Google Calendar:
https://drew-sec.github.io

   ・ 滥用 Google Calendar 作为一种钓鱼传播的媒介 – Jett

• Android 组件逻辑漏洞漫谈:
https://evilpan.com/2022/11/13/android-bugs/

   ・ Android 逻辑漏洞的重要性和优势逐渐体现，这篇 Blog 分析 Android 系统的 4 大组件以及可能存在的逻辑漏洞类型 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(11-14)