Tencent Security Xuanwu Lab Daily News
• Using Kaitai to Parse Cobalt Strike Beacon Configs:
https://sixdub.medium.com/using-kaitai-to-parse-cobalt-strike-beacon-configs-f5f0552d5a6e
・ Justin Warner: Using Kaitai to Parse Cobalt Strike Beacon Configs
– potato
• Man in the Terminal:
https://posts.specterops.io/man-in-the-terminal-65476e6165b9
・ A man-in-the-middle implementation for the terminal.
– potato
• Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.:
https://www.notion.so/1-Hidden-OAuth-attack-vectors-d5a01415c8594118bc019c53a71f9082
・ Research on security issues in OAuth2 and OpenID.
– potato
• [Windows, Tools] gtworek/Priv2Admin:
https://github.com/gtworek/Priv2Admin
・ Priv2Admin: exploiting vulnerabilities to escalate privileges on Windows.
– potato
• How to Perform Static Malware Analysis with Radare2:
https://www.blueteamsacademy.com/radare2/
・ Static analysis of malware using Radare2.
– potato
• How to bypass Cloudflare, Incapsula, SUCURI and another WAF - Ethical hacking and penetration testing:
https://miloserdov.org/?p=2960
・ How to bypass Cloudflare, Incapsula, SUCURI and other WAFs.
– potato
• Rust in the Android platform:
http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/LhfBUjHBXG4/rust-in-android-platform.html
・ AOSP now supports Rust development, to address the memory safety bugs that come with C and C++ development.
– potato
• Windows Privileges:
https://speakerdeck.com/fr0gger/windows-privileges
・ [Image] A cheat sheet on Windows privileges.
– potato
• Eliminating Data Races in Firefox – A Technical Report:
https://hacks.mozilla.org/2021/04/eliminating-data-races-in-firefox-a-technical-report/
・ Firefox uses ThreadSanitizer to mitigate data races.
– potato
• A closer look at the security of React Native biometric libraries:
https://blog.nviso.eu/2021/04/06/a-closer-look-at-the-security-of-react-native-biometric-libraries/
・ NVISO Labs: a security analysis of React Native biometric libraries.
– potato
• [Linux] BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution:
https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup
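・ BleedingTooth: zero-click vulnerabilities in the Bluetooth module of Linux systems. They allow an unauthenticated remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.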
– potato
• [Malware] North Korean Hackers Use Exploits to Plant Malware on Researcher’s Computers:
https://gbhackers.com/north-korean-hackers-use-exploits-to-plant-malware-on-researchers-computers/
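・ A report analyzing security researchers' recent finding that North Korean hackers are again using fake online accounts to deceive users in the cybersecurity field.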
– lanying37
• [CTF, Conference] Pwn2Own 2021 - Schedule and Live Results:
https://www.zerodayinitiative.com/blog/2021/4/2/pwn2own-2021-schedule-and-live-results
・ The schedule for Pwn2Own 2021.
– potato
• Automate Cache Poisoning Vulnerability - Nuclei:
https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
・ Automating the analysis of web cache poisoning vulnerabilities.
– lanying37
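* To view or search past digests, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
This article was first published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (04-07)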