每日安全动态推送(03-05)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 rou:
https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html

   ・ Linux的启动程序GRUB2存在多个漏洞。 – lanying37


• BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain:
https://arxiv.org/abs/1708.06733

   ・ BadNets - 机器学习模型供应链中的漏洞攻击研究 – Jett


• New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452:
http://www.fireeye.com/blog/threat-research/2021/03/sunshuttle-second-stage-backdoor-targeting-us-based-entity.html

   ・ FireEye 对 SUNSHUTTLE 二阶段后门样本的分析 – Jett


• Hail Frida!! The Universal SSL pinning bypass for Android applications | by Vedant | InfoSec Write-ups:
https://infosecwriteups.com/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29?source=rss----7b722bfd1b8d---4&gi=55dd18ad2147

   ・ Hail Frida!! The Universal SSL pinning bypass for Android applications – Jett


• How Falcon Complete Stops Microsoft Exchange Server Exploits:
https://www.crowdstrike.com/blog/falcon-complete-stops-microsoft-exchange-server-zero-day-exploits/

   ・ CrowdStrike 团队对昨天爆出的 Microsoft Exchange 野外 0Day 攻击的分析 – Jett


• Three Top Russian Cybercrime Forums Hacked:
https://krebsonsecurity.com/2021/03/three-top-russian-cybercrime-forums-hacked/

   ・ 俄罗斯 Top3 网络犯罪论坛被黑,数据被窃取 – Jett


• IPv6 Toolkit:
https://www.si6networks.com/tools/ipv6toolkit

   ・ SI6 Networks的工具包是对IPv6安全评估和故障排除工具。 – lanying37


• [Android] Extending Emuroot: support for Android 10 & 11:
http://blog.quarkslab.com/extending-emuroot-support-for-android-10-11.html

   ・ Android Emuroot - 在 Android Virtual Device (AVD) 获取 Root 权限的 Python 脚本 – Jett


• Gafgtyt_tor,Necro作者再次升级“武器库”:
https://blog.netlab.360.com/tor-bld/

   ・ Gafgtyt_tor,Necro作者再次升级“武器库” – Jett


• What Is TrojAI:
https://pages.nist.gov/trojai/docs/about.html

   ・ TrojAI - 在深度机器学习模型中注入恶意数据的开源工具 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-05)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: