每日安全动态推送(03-31)

  • A+
所属分类:安全新闻

玄武实验室实习生招聘已启动,具体岗位及简历投递方式请查看《腾讯安全玄武实验室 2021 实习生招募令 》。

欢迎各位同学投递!




Tencent Security Xuanwu Lab Daily News


• Security baseline for Office 365 ProPlus (v2103, March 2021) - DRAFT - Microsoft Tech Community:
https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-office-365-proplus-v2103-march-2021-draft/ba-p/2228388

   ・ 微软发布的《Security baseline for Office 365 ProPlus》 – Jett


• Building:
https://github.com/taviso/scanlimits

   ・ Tavis 开源了一个测试 setuid 程序在资源受限环境运行行为的小工具 – Jett


• Recent Papers Related To Fuzzing:
https://wcventure.github.io/FuzzingPaper/

   ・ Fuzzing 方向的 Paper 收集,按照细分的领域整理 – Jett


• Resources:
https://github.com/waleedassar/CVE-2021-1656

   ・ Windows TPM 驱动(tpm.sys)信息泄露漏洞 PoC(CVE-2021-1656) – Jett


• Fuzzing sockets: Apache HTTP, Part 2: Custom Interceptors:
https://securitylab.github.com/research/fuzzing-apache-2/

   ・ Fuzzing sockets: Apache HTTP, Part 2: Custom Interceptors – Jett


• Click here for free TV! - Chaining bugs to takeover Wind Vision accounts:
https://labs.f-secure.com/blog/wind-vision-writeup/

   ・ 利用 Wind Vision App 认证过程以及 IPC 通信过程的漏洞实现免费看数字电视 – Jett


• [Malware] Jumping into Shellcode:
https://isc.sans.edu/diary/27256

   ・ Jumping into Shellcode – lanying37


• FluBot:一场席卷欧洲的移动银行木马攻击活动:
https://blogs.360.cn/post/analysis-of-FluBot.html

   ・ FluBot:一场席卷欧洲的移动银行木马攻击活动 – Jett


• kCTF | kCTF is a Kubernetes-based infrastructure for CTF competitions:
https://google.github.io/kctf/

   ・ kCTF - Google 开源了一套基于 Kubernetes 的 CTF 基础设施搭建框架 – Jett


• [Malware] APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign:
https://securelist.com/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/101519/

   ・ 卡巴斯基发了一篇针对 APT 10 组织近期 A41APT 攻击行动的分析报告 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-31)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: