Tencent Security Xuanwu Lab Daily News
• Microsoft Vancouver leaking website credentials via overlooked DS_STORE file:
https://cybernews.com/security/microsoft-vancouver-leaking-website-credentials-via-overlooked-ds-store-file/
・ The Microsoft Vancouver website leaked sensitive information, including WordPress keys, through an exposed DS_STORE file
– Jett
• A phishing document signed by Microsoft – part 1:
https://outflank.nl/blog/2021/12/09/a-phishing-document-signed-by-microsoft/
・ Analysis of Microsoft Excel vulnerability CVE-2021-28449, which an attacker can use to produce a Microsoft-signed malicious phishing document that loads arbitrary code
– Jett
• A quick-start tutorial on hunting for DLL hijacking:
https://tttang.com/archive/1365/
・ A quick-start tutorial on hunting for DLL hijacking.
– lanying37
• A new StrongPity variant hides behind Notepad++ installation:
https://blog.minerva-labs.com/a-new-strongpity-variant-hides-behind-notepad-installation?utm_source=reddit
・ The StrongPity threat group embeds malicious code in a Notepad++ installer
– Jett
• Why IoT Security Matters – NCC Group Research:
https://research.nccgroup.com/2021/12/09/why-iot-security-matters/
・ Why IoT Security Matters
– Jett
• [Pentest] GitHub – S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.:
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
・ Active Directory Exploitation Cheat Sheet
– Jett
• [Tools] Use ZomEye to track Bitter APT (Behavior Mapping record):
https://youtu.be/dS6Pmpv40QQ
・ Malware analysis video on using ZoomEye to track the Bitter APT group.
– lanying37
• [Vulnerability Alert] Apache Log4j2 remote code execution vulnerability, second updated advisory:
https://mp.weixin.qq.com/s/AuBchaUvFw2pisVw6rNX5A
・ A high-severity RCE vulnerability has been found in the Java logging framework Apache Log4j2
– Jett
• GitHub – tangxiaofeng7/apache-log4j-poc: Apache Log4j remote code execution:
https://github.com/tangxiaofeng7/apache-log4j-poc
・ A PoC for the Apache Log4j remote code execution vulnerability has been published on GitHub
– Jett
• Zero Day Initiative — Understanding the Root Cause of CVE-2021-21220 – A Chrome Bug from Pwn2Own 2021:
https://www.zerodayinitiative.com/blog/2021/12/8/understanding-the-root-cause-of-cve-2021-21220-a-chrome-bug-from-pwn2own-2021
・ Analysis of Chrome vulnerability CVE-2021-21220 from the Pwn2Own Vancouver 2021 contest, Part 2
– Jett
• Finding Secret RDP Registry Keys Using IDA Free – The Devolutions Blog:
https://blog.devolutions.net/2021/12/finding-secret-rdp-registry-keys-using-ida-free/
・ Finding Secret RDP Registry Keys Using IDA Free
– Jett
* To view or search past digest content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (12-10)