每日安全动态推送(10-20)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• Insecure use of shell.openExternal:
https://github.com/wireapp/wire-desktop/security/advisories/GHSA-5gpx-9976-ggpm

   ・ 桌面版本 Wire 应用因使用 Electron 不当导致 RCE 漏洞 – Jett


• [PDF] https://people.cs.umass.edu/~emery/pubs/gcvsmalloc.pdf:
https://people.cs.umass.edu/~emery/pubs/gcvsmalloc.pdf

   ・ 显式内存管理与自动垃圾回收算法的性能比较(paper) – Jett


• GitHub - pacman128/pcasm: PC Assembly language book:
https://github.com/pacman128/pcasm

   ・ PC汇编语言书籍资源包。 – lanying37


• GravityRAT: The spy returns:
https://securelist.com/gravityrat-the-spy-returns/99097/

   ・ 卡巴斯基对 GravityRAT 间谍软件的分析 – Jett


• Explicit Is Always Good? Read the Story of CVE-2020-1034:
https://blog.br0vvnn.io/pages/blogpost.aspx?id=2

   ・ Windows 内核提权漏洞(CVE-2020-1034)分析 – Jett


• Cloud Security Tools:
https://cloudberry.engineering/tool/

   ・ 云安全研究测试相关的工具收集 – Jett


• 2020-10-16: Kaitai Struct v0.9 released:
http://kaitai.io/news/2020/10/16/kaitai-struct-v0.9-released.html

   ・ Kaitai Struct - 用于为二进制格式自动化生成 Parser API 的工具 – Jett


• 2068 - Chrome: Use-after-free in USB::OnServiceConnectionError - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2068

   ・ Issue 2068: Chrome: Use-after-free in USB::OnServiceConnectionError – Jett


• Evolution of the programming languages from iPhone OS 1.0 to iOS 14:
https://blog.timac.org/2020/1019-evolution-of-the-programming-languages-from-iphone-os-to-ios-14/

   ・ iOS 1.0 到 iOS 14 版本,系统所用编程语言的趋势变化 – Jett


• Operation Earth Kitsune: Tracking SLUB’s Current Operations - Security News - Trend Micro USA:
https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-earth-kitsune-tracking-slub-s-current-operations/

   ・ 趋势科技对 Earth Kitsune 攻击行动 SLUB 恶意软件的分析 – Jett


• 探索低版本 .Net 反序列化实现 Exchange RCE:
https://paper.seebug.org/1371/

   ・ 探索低版本 .Net 反序列化实现 Exchange RCE – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(10-20)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: