Tencent Security Xuanwu Lab Daily News
• I’m Building a Self-Destructing USB Drive:
https://interruptlabs.ca/2022/07/29/I-m-Building-a-Self-Destructing-USB-Drive/
・ Building a self-destructing USB drive.
– WireFish
• [BugTales] REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB:
https://labs.taszk.io/articles/post/reunzip/
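・ Exploits a time-of-check/time-of-use inconsistency in Huawei's SD-Update mode to swap the update package, bypass signature verification, and gain root privileges.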
– P4nda
• Spam and phishing in 2022:
https://kas.pr/9ir7
・ Kaspersky's spam and phishing monitoring report for 2022, covering 2022 phishing email data, charts, phishing techniques, and sample emails.
– ThomasonZhao
• [Browser] The new Bing & Edge – Learning from our first week:
https://blogs.bing.com/search/february-2023/The-new-Bing-Edge-–-Learning-from-our-first-week/
・ Microsoft's summary of the new Bing's first week.
– Atum
• Dissecting the Vulnerabilities – A Comprehensive Teardown of acmailer’s N-Days:
https://starlabs.sg/blog/2023/02-dissecting-the-vulnerabilities-a-comprehensive-teardown-of-acmailer/
・ An in-depth analysis of two n-day vulnerabilities in acmailer: CVE-2021-20617 & CVE-2021-20618.
– crazyman
• Citrix CVE-2022-27518 Vulnerability Analysis:
https://paper.seebug.org/2049/
・ Analysis of the Citrix CVE-2022-27518 vulnerability.
– lanying37
• [Tools] Blue Hat 2023 and UEFI Secure Boot:
http://vzimmer.blogspot.com/2023/02/blue-hat-2023-and-uefi-secure-boot.html
・ Blue Hat 2023: the author shares reflections and a retrospective prompted by one of the UEFI Secure Boot talks.
– WireFish
• [Windows] EoP via Arbitrary File Write/Overwite in Group Policy Client “gpsvc” – CVE-2022-37955:
http://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955/
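・ Details of a Windows local privilege escalation vulnerability (CVE-2022-37955): a user with a Files preference domain Group Policy configured can use symbolic links to cause an arbitrary file overwrite with SYSTEM privileges, leading to privilege escalation.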
– P4nda
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (2-20)