每日安全动态推送(01-05)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• README.md:
https://github.com/FunnyWolf/Viper

   ・ Viper:是一款图形化红队评估工具,将红队评估过程中常用的战术及技术进行模块集成所有功能必备。 – lanying37


• Cache-Key Normalization:
https://iustin24.github.io/Cache-Key-Normalization-Denial-of-Service/?cb=1

   ・ Cache Poisoning DoS Vulnerability – Jett


• Insecure Deserialization - How to Trace Down a Gadget Chain:
https://blog.redteam-pentesting.de/2021/deserialization-gadget-chain/

   ・ Insecure Deserialization - 在 PHP 中找到 Gadget Chain – Jett


• Windows Defender Application Control (WDAC) Updates in 20H2 and Building a Simple, Secure Windows-only Policy | by Matt Graeber | Jan, 2021 | Medium:
https://mattifestation.medium.com/windows-defender-application-control-wdac-updates-in-20h2-and-building-a-simple-secure-4fd4ee86de4

   ・ Windows Defender Application Control (WDAC) in 20H2 – Jett


• GitHub - anantshri/Android_Security: This repository is a suplimentary material for Android Training's done by Anant Shrivastava:
https://github.com/anantshri/Android_Security

   ・ 研究员 Anant Shrivastava 关于 Android Security 培训的资料 – Jett


• Don’t play with fire, as well as race condition:
https://blog.pangu.io/?p=230

   ・ XNU 内核 socket UAF 漏洞分析 – Jett


• [Windows] R.I.P ROP: CET Internals in Windows 20H1 – Winsider Seminars & Solutions Inc.:
http://windows-internals.com/cet-on-windows/

   ・ R.I.P ROP: CET Internals in Windows 20H1 – Jett


• Longterm Security:
https://blog.longterm.io/samsung_rkp.html

   ・ 三星手机 RKP(Real-time Kernel Protection)内核防护技术深度剖析 – Jett


• Stopping Serial Killer: Catching the Next Strike - Check Point Research:
https://research.checkpoint.com/2021/stopping-serial-killer-catching-the-next-strike/

   ・ Stopping Serial Killer: Catching the Next Strike – Jett


• A. E. - YouTube:
https://www.youtube.com/channel/UC-a8hBNKa-n0O5bjRu-_Khw

   ・ 研究员 Alisa Esage 公开了两个之前会议演讲的视频 – Jett


• [Segmentation Fault]:
https://douevenknow.us/post/639414006930702336/tying-it-all-together-pwning-to-own-on-lg-phones

   ・ Tying It All Together - Pwning To Own on LG phones – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(01-05)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: