Tencent Security Xuanwu Lab Daily News
• BlackHat-Europe-2022:
https://github.com/ga1ois/BlackHat-Europe-2022
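・ Finding vulnerabilities in binary code using code patterns. Taking several classes of Windows vulnerability patterns as examples, it implements a prototype of something like CodeQL for binaries.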
– Atum
• Re: Linux kernel: Unauthenticated remote DOS in ksmbd NTLMv2 authentication:
https://seclists.org/oss-sec/2023/q1/15
・ Remote DoS vulnerability in Linux kernel ksmbd NTLMv2 authentication
– Atum
• [PDF] https://arxiv.org/pdf/2212.12372.pdf:
https://arxiv.org/pdf/2212.12372.pdf
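・ The paper proposes an integer factorization algorithm that combines lattice reduction with the quantum approximate optimization algorithm. The way the paper is written gives the impression that, as quantum computing technology develops within the foreseeable future, this algorithm could lead to factoring 2048-bit RSA. But this is in fact not the case.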
– Atum
• Light 睢素章 @ 星耀实验室:
https://www.freebuf.com/articles/paper/354674.html
・ A detailed walkthrough of vulnerability hunting on an attendance machine, including several concrete cases
– ArisXu
• [PDF] https://www.bitdefender.com/files/News/CaseStudies/study/427/Bitdefender-PR-Whitepaper-EyeSpyVPN-creat625-en-EN.pdf:
https://www.bitdefender.com/files/News/CaseStudies/study/427/Bitdefender-PR-Whitepaper-EyeSpyVPN-creat625-en-EN.pdf
・ Bitdefender publishes its report EyeSpy: Iranian malware hidden in VPN installers
– crazyman
• Infostealer Malware: Targeting Italian Region – Uptycs:
https://www.uptycs.com/blog/infostealer-malware-attacks-targeting-italian-region/
・ An information-stealing attack campaign targeting the Italian region
– crazyman
• [Windows] Wh04m1001/CVE-2023-21752:
https://github.com/Wh04m1001/CVE-2023-21752
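・ CVE-2023-21752: an arbitrary deletion vulnerability in the Windows Backup Service, with the arbitrary delete (arb delete) abused to achieve privilege escalation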
– crazyman
• SSH key injection in Google Cloud Compute Engine [Google VRP]:
https://blog.stazot.com/ssh-key-injection-google-cloud/
・ SSH key injection vulnerability in Google Cloud Compute Engine
– crazyman
* To view or search past digest entries, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab
Originally published on the WeChat official account 腾讯玄武实验室 (Tencent Xuanwu Lab): Daily Security News Push (1-13)