Tencent Security Xuanwu Lab Daily News
• GHSL-2020-072: Arbitrary file disclosure in JinJava - CVE-2020-12668:
https://github.co/2Ex8cG3
・ JinJava 任意文件读漏洞分析(CVE-2020-12668)
– Jett
• [Tools] mitre-attack/attack-scripts:
https://github.com/mitre-attack/attack-scripts/tree/master/layers
・ 关于辅助实现自动化ATT&CK归纳的python脚本
– Schwarrzz
• Hunting 0-days in Cisco DCNM with ShiftLeft Ocular:
https://blog.shiftleft.io/hunting-0-days-in-cisco-dcnm-with-shiftleft-ocular-a3091bb8ef29
・ Hunting 0-days in Cisco Data Center Network Manager (DCNM) with ShiftLeft Ocular
– Jett
• [Tools, Malware] Unpacking Pyrogenic/Qealler using Java agent -Part 0x2:
https://www.securityinbits.com/malware-analysis/unpacking/unpacking-pyrogenic-qealler-using-java-agent-part-0x2/
・ 使用Java代理解压缩/ Qealler拆包分析-第0x2部分。
– lanying37
• Bitdefender Napoca Hypervisor:
https://github.com/napocahv/napoca
・ Napoca - Bitdefender 开源的 Hypervisor,提供多个安全相关的功能
– Jett
• [Android, Malware] Android worm malware spreads via SMS in India as TikTok Pro | Android Malware | Fake TikTok Pro:
https://youtu.be/mzkDxBjshI4
・ Android SMS蠕虫恶意软件正通过TikTok Pro在印度传播
– Schwarrzz
• Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates:
http://www.fireeye.com/blog/threat-research/2020/07/insights-into-office-365-attacks-and-how-managed-defense-investigates.html
・ 如何基于 Office 365 提供的日志等信息分析商业邮箱入侵事件
– Jett
• [Crypto] Zoom Security Exploit – Cracking private meeting passwords:
https://www.tomanthony.co.uk/blog/zoom-security-exploit-crack-private-meeting-passwords/
・ Zoom 服务的私有会议密码存在可爆破漏洞,导致会议密码可破解
– Jett
• [Reverse Engineering] Reverse Engineering Starling Bank (Part I): Obfuscation Techniques:
https://hot3eed.github.io/2020/07/30/starling_p1_obfuscations.html
・ iOS App Starling Bank 的混淆技术分析
– Jett
• [iOS] One Byte to rule them all:
https://googleprojectzero.blogspot.com/2020/07/one-byte-to-rule-them-all.html?m=1
・ One Byte to rule them all - 不依赖 Fake Mach Ports 技术,如何将一字节的堆溢出漏洞转换成任意地址读写
– Jett
• [iOS] 2035 - iOS: PPL bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal() - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2035
・ Issue 2035: iOS: PPL bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal()
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论