每日安全动态推送(01-29)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• Learning Linux Kernel Exploitation - Part 2:
https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/

   ・ Learning Linux Kernel Exploitation - Part 2 – Jett


• Deep into the SunBurst Attack - Check Point Research:
https://research.checkpoint.com/2021/deep-into-the-sunburst-attack/

   ・ Deep into the SunBurst Attack – Jett


• TeamTNT Cloaks Malware With Open-Source Tool:
https://threatpost.com/teamtnt-cloaks-malware-open-source-tool/163414/

   ・ 检测逃避恶意软件TeamTNT分析。 – lanying37


• Remote Attackers Can Now Reach Protected Network Devices via NAT Slipstreaming:
https://threatpost.com/remote-attackers-internal-network-devices-nat-slipstreaming/163400/

   ・ 根据研究人员最新研究发现远程攻击者利用网络地址转换(NAT)滑流攻击对网络设备安全威胁。 – lanying37


• Advisory X41-2021-001: Multiple Vulnerabilities in YARA:
https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/

   ・ 用于处理 Yara 规则的 libyara 库被发现多个漏洞 – Jett


• Exploiting a “Simple” Vulnerability – Part 1.5 – The Info Leak – Winsider Seminars & Solutions Inc.:
https://windows-internals.com/exploiting-a-simple-vulnerability-part-1-5-the-info-leak/

   ・ Exploiting a “Simple” Vulnerability – Part 1.5 – The Info Leak – Jett


• A Look at iMessage in iOS 14:
https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html

   ・ Project Zero Samuel Groß 对 iMessage 的安全研究 – Jett


• Pwn2Own: A Tale of a Bug Found and Lost Again | CrowdStrike:
https://www.crowdstrike.com/blog/pwn2own-tale-of-a-bug-found-and-lost-again/

   ・ 研究员在西数 My Cloud Pro NAS 设备发现两个漏洞在 Pwn2Own 赛前被补了 – Jett


• Intezer - How We Escaped Docker in Azure Functions:
https://www.intezer.com/blog/research/how-we-escaped-docker-in-azure-functions/

   ・ How We Escaped Docker in Azure Functions – Jett


• XNU kauth 子系统解读:
https://paper.seebug.org/1472/

   ・ XNU kauth 子系统解读 – Jett


• Bad Neighbor on FreeBSD: IPv6 Router Advertisement Vulnerabilities in rtsold (CVE-2020-25577):
http://blog.quarkslab.com/bad-neighbor-on-freebsd-ipv6-router-advertisement-vulnerabilities-in-rtsold-cve-2020-25577.html

   ・ Bad Neighbor on FreeBSD - FreeBSD IPv6 协议栈路由协议相关 4 个漏洞分析 – Jett


• 为被动扫描器量身打造一款爬虫 - LSpider:
https://paper.seebug.org/1473/

   ・ 为被动扫描器量身打造一款爬虫 - LSpider – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(01-29)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: