每日安全动态推送(11-12)

渗透技巧 2年前 (2021) admin
525 0 0
Tencent Security Xuanwu Lab Daily News


• The Kerberos Key List Attack: The return of the Read Only Domain Controllers:
https://www.secureauth.com/blog/the-kerberos-key-list-attack-the-return-of-the-read-only-domain-controllers/

   ・ The Kerberos Key List Attack: The return of the Read Only Domain Controllers – Jett


• The Newest Malicious Actor: “Squirrelwaffle” Malicious Doc.:
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/the-newest-malicious-actor-squirrelwaffle-malicious-doc/

   ・  McAfees研究人员发现最新“Squirrelwaffle“恶意软件威胁并对进行分析. – lanying37


• 记一次Log4j失败的Gadget挖掘记录:
https://tttang.com/archive/1314/

   ・ 记一次Log4j失败的Gadget挖掘记录. – lanying37


• All about bug bounty:
https://github.com/daffainfo/AllAboutBugBounty

   ・ All about bug bounty – Jett


• GitHub – r0eXpeR/redteam_vul: 红队作战中比较常遇到的一些重点系统漏洞整理。:
https://github.com/r0eXpeR/redteam_vul

   ・ 红队中易被攻击的一些重点系统漏洞整理 – Jett


• [PDF] https://i.blackhat.com/EU-21/Wednesday/EU-21-Nisi-Lost-In-The-Loader.pdf:
https://i.blackhat.com/EU-21/Wednesday/EU-21-Nisi-Lost-In-The-Loader.pdf

   ・ Lost in the Loader – 不同环境 Windows Loader 处理 PE 文件格式的差异分析 – Jett


• [Malware] [PDF] https://lifars.com/wp-content/uploads/2021/09/Lazarus.pdf:
https://lifars.com/wp-content/uploads/2021/09/Lazarus.pdf

   ・ Lazarus RAT 远控工具 – FALLCHILL 的分析报告 – Jett


• [macOS] Analyzing a watering hole campaign using macOS exploits:
https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/

   ・ Goole TAG 团队发现有攻击者利用 macOS XNU 内核提权漏洞发起水坑攻击 – Jett


• [Fuzzing] ClusterFuzzLite: Continuous fuzzing for all:
http://security.googleblog.com/2021/11/clusterfuzzlite-continuous-fuzzing-for.html

   ・ Google 开源了一套 Fuzz 框架 – ClusterFuzzLite,支持在 CI 工作流中引入 Fuzz – Jett


• [Tools, Windows] Evading EDR Detection with Reentrancy Abuse | Deep Instinct:
https://www.deepinstinct.com/blog/evading-antivirus-detection-with-inline-hooks

   ・ 利用 EDR 软件 Hook API 时对函数重入问题的处理问题实现逃逸检测 – Jett


• [Fuzzing, Tools] What can I do to prevent this in the future?:
https://www.mandiant.com/resources/fuzzing-image-parsing-three

   ・ Fuzzing Image Parsing in Windows, Part Three: RAW and HEIF – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(11-12)

版权声明:admin 发表于 2021年11月12日 上午4:23。
转载请注明:每日安全动态推送(11-12) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...