每日安全动态推送(03-17)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• The Mysterious Realm of JavaScriptCore:
https://www.cyberark.com/resources/threat-research-blog/the-mysterious-realm-of-javascriptcore

   ・ 利用 CodeQL 静态代码分析工具挖掘 JavaScriptCore JS 引擎的漏洞 – Jett


• [PDF] https://www.cs.virginia.edu/~smk9u/Liu_PMFuzz_ASPLOS21.pdf:
https://www.cs.virginia.edu/~smk9u/Liu_PMFuzz_ASPLOS21.pdf

   ・ PMFuzz: Test Case Generation for Persistent Memory Programs(Paper) – Jett


• Detecting Cobalt Strike with memory signatures:
https://www.elastic.co/blog/detecting-cobalt-strike-with-memory-signatures

   ・ 从内存特征的角度检测 Cobalt Strike – Jett


• [Linux] CVE-2021-3156 (Sudo Baron Samedit):
https://github.com/worawit/CVE-2021-3156

   ・ Sudo CVE-2021-3156 漏洞在 Linux x64 平台的利用 – Jett


• CVE 2017-0261 的 .EPS 恶意文件分析:
https://paper.seebug.org/1509/

   ・ CVE 2017-0261 的 .EPS 恶意文件分析 – Jett


• [Browser] Another approach to portable Javascript Spectre exploitation:
https://dougallj.wordpress.com/2021/03/16/another-approach-to-portable-javascript-spectre-exploitation/

   ・ Spectre 漏洞的跨平台 JS 利用实现 – Jett


• One day short of a full chain: Part 2 - Chrome sandbox escape:
https://securitylab.github.com/research/one_day_short_of_a_fullchain_sbx

   ・ Chrome issue 1125614 沙箱逃逸漏洞的利用 – Jett


• OD 调试宏代码中的新线程:
https://paper.seebug.org/1508/

   ・ OD调试宏代码中的新线程 – lanying37


• Samsung Investigation Part 2: Exploiting Trusted Applications (TAs):
https://www.riscure.com/blog/samsung-investigation-part2

   ・ Riscure 团队对三星可信执行框架 TEEGRIS 的逆向分析 – Jett


• [Malware] Necro再次升级,使用Tor+动态域名DGA 双杀Windows&Linux:
https://blog.netlab.360.com/necro-shi-yong-tor-dong-tai-yu-ming-dga-shuang-sha-windows-linux/

   ・ Necro 再次升级,使用 Tor+动态域名 DGA 双杀 Windows&Linux – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-17)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: