每日安全动态推送(07-31)

Tencent Security Xuanwu Lab Daily News

• GHSL-2020-072: Arbitrary file disclosure in JinJava - CVE-2020-12668:
https://github.co/2Ex8cG3

   ・ JinJava 任意文件读漏洞分析（CVE-2020-12668） – Jett

• [Tools] mitre-attack/attack-scripts:
https://github.com/mitre-attack/attack-scripts/tree/master/layers

   ・ 关于辅助实现自动化ATT＆CK归纳的python脚本 – Schwarrzz

• Hunting 0-days in Cisco DCNM with ShiftLeft Ocular:
https://blog.shiftleft.io/hunting-0-days-in-cisco-dcnm-with-shiftleft-ocular-a3091bb8ef29

   ・ Hunting 0-days in Cisco Data Center Network Manager (DCNM) with ShiftLeft Ocular – Jett

• [Tools, Malware] Unpacking Pyrogenic/Qealler using Java agent -Part 0x2:
https://www.securityinbits.com/malware-analysis/unpacking/unpacking-pyrogenic-qealler-using-java-agent-part-0x2/

   ・ 使用Java代理解压缩/ Qealler拆包分析-第0x2部分。 – lanying37

• Bitdefender Napoca Hypervisor:
https://github.com/napocahv/napoca

   ・ Napoca - Bitdefender 开源的 Hypervisor，提供多个安全相关的功能 – Jett

• [Android, Malware] Android worm malware spreads via SMS in India as TikTok Pro | Android Malware | Fake TikTok Pro:
https://youtu.be/mzkDxBjshI4

   ・ Android SMS蠕虫恶意软件正通过TikTok Pro在印度传播  – Schwarrzz

• Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates:
http://www.fireeye.com/blog/threat-research/2020/07/insights-into-office-365-attacks-and-how-managed-defense-investigates.html

   ・ 如何基于 Office 365 提供的日志等信息分析商业邮箱入侵事件 – Jett

• [Crypto] Zoom Security Exploit – Cracking private meeting passwords:
https://www.tomanthony.co.uk/blog/zoom-security-exploit-crack-private-meeting-passwords/

   ・ Zoom 服务的私有会议密码存在可爆破漏洞，导致会议密码可破解 – Jett

• [Reverse Engineering] Reverse Engineering Starling Bank (Part I): Obfuscation Techniques:
https://hot3eed.github.io/2020/07/30/starling_p1_obfuscations.html

   ・ iOS App Starling Bank 的混淆技术分析 – Jett

• [iOS] One Byte to rule them all:
https://googleprojectzero.blogspot.com/2020/07/one-byte-to-rule-them-all.html?m=1

   ・ One Byte to rule them all - 不依赖 Fake Mach Ports 技术，如何将一字节的堆溢出漏洞转换成任意地址读写 – Jett

• [iOS] 2035 - iOS: PPL bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal() - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2035

   ・ Issue 2035: iOS: PPL bypass due to incorrect argument verification in pmap_protect_options_internal() and pmap_remove_options_internal()  – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab