每日安全动态推送(03-31)

Tencent Security Xuanwu Lab Daily News

• CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter – Pentera:
https://www.pentera.io/blog/information-disclosure-in-vmware-vcenter/

   ・ VMware vCenter CVE-2022-22948 信息泄露漏洞分析 – Jett

• [PDF] https://www.bitdefender.com/files/News/CaseStudies/study/413/Bitdefender-PR-Whitepaper-WCam-creat5991-en-EN.pdf:
https://www.bitdefender.com/files/News/CaseStudies/study/413/Bitdefender-PR-Whitepaper-WCam-creat5991-en-EN.pdf

   ・ Wyze Cam IoT 设备被发现认证绕过和栈溢出 RCE 漏洞 – Jett

• Pwning 3CX Phone Management Backends from the Internet | by frycos | Mar, 2022 | Medium:
https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88

   ・ Hacking 3CX电话系统 – Jett

• Spring4Shell: Security Analysis of the latest Java RCE ‘0-day’ vulnerabilities in Spring | LunaSec:
https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/

   ・ LunaSec 对高危 Spring4Shell 漏洞的分析 – Jett

• [IoT] Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All – SentinelOne:
https://www.sentinelone.com/labs/pwning-microsoft-azure-defender-for-iot-multiple-flaws-allow-remote-code-execution-for-all/

   ・ 微软 Azure Defender for IoT 密码还原机制存在漏洞，攻击者可以远程控制设备 – Jett

• GARAGEBAND AND LOGIC:
https://www.atredis.com/blog/2022/03/29/veni-midi-vici-conquering-cve-2022-22657-and-cve-2022-22664

   ・ Fuzz macOS GarageBand 和 Logic Pro X 支持的 MIDI 文件格式 – Jett

• [PDF] https://arxiv.org/pdf/2203.15121.pdf:
https://arxiv.org/pdf/2203.15121.pdf

   ・ PACTIGHT – 基于 ARM Pointer Authentication (PA) 的更严格的控制流劫持防御方案 – Jett

• 【Rootkit 系列研究】序章：悬顶的达摩克利斯之剑:
https://paper.seebug.org/1867/

   ・ 【Rootkit 系列研究】序章：悬顶的达摩克利斯之剑 – lanying37

• Understanding Arm64EC ABI and assembly code:
https://docs.microsoft.com/en-us/windows/uwp/porting/arm64ec-abi

   ・ Windows 11 on Arm Arm64EC ABI Internals – Jett

• GitHub – ptresearch/AttackDetection: Attack Detection:
https://github.com/ptresearch/AttackDetection

   ・ Positive Research 团队开源了他们为开源 IDS/IPS 引擎 Suricata 写的大量漏洞检测规则 – Jett

• Automating DFIR using Cloud services:
https://zawadidone.nl/automating-dfir-using-cloud-services/

   ・ Automating DFIR using Cloud services – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(03-31)