Tencent Security Xuanwu Lab Daily News
• The most spectacular crypto thefts and how to defend against them:
https://kas.pr/i8qz
・ A list of the most notable cryptocurrency attacks of recent years
– SecTodayBot
• HardHatC2 – A C# Command And Control Framework:
http://www.kitploit.com/2023/06/hardhatc2-c-command-and-control.html
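・ A command and control framework written in C#, designed for red teams and ease of use. It is intended to support red team engagements and penetration testing. It contains three main components: an ASP.NET team server, a Blazor .NET client, and a C#-based implant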
– SecTodayBot
• Inside KangaPack: the Kangaroo packer with native decryption:
https://cryptax.medium.com/inside-kangapack-the-kangaroo-packer-with-native-decryption-3e7e054679c4
・ The Kangaroo packer
– SecTodayBot
• ALTISA CMS 5.2.1 SQL Injection:
https://packetstormsecurity.com/files/173170
・ ALTISA CMS 5.2.1 auth bypass vulnerability (SQL injection)
– SecTodayBot
• Simple Blog 3.2 Cross Site Scripting:
https://packetstormsecurity.com/files/173190
・ Simple Blog version 3.2 has a cross-site scripting vulnerability
– SecTodayBot
• Some internal detection vectors bypass:
https://www.unknowncheats.me/forum/anti-cheat-bypass/286274-internal-detection-vectors-bypass.html
・ How to use UPX to bypass the heuristic-based anti-cheat detection of BattlEye and EAC
– SecTodayBot
• JokerSpy | Unknown Adversary Targeting Organizations with Multi-Stage macOS Malware:
https://www.sentinelone.com/blog/jokerspy-unknown-adversary-targeting-organizations-with-multi-stage-macos-malware/
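・ QRLog is a trojanized QR code generator written in Java that gives the attacker privileged access through a reverse shell from the victim to the attacker. The malicious code is hidden in the QRCodeWriter.java file, buried in an open-source QR code project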
– SecTodayBot
• How did I approach making linux LKM rootkit, “reveng_rtkit” ?:
https://reveng007.github.io/blog/2022/03/08/reveng_rkit_detailed.html
・ A Linux kernel-based rootkit
– SecTodayBot
• Finding Gadgets for CPU Side-Channels with Static Analysis Tools:
https://github.com/google/security-research/tree/master/pocs/cpus/spectre-gadgets
・ Using the CodeQL static analysis tool to find gadgets for CPU side channels
– SecTodayBot
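• Security vulnerability disclosed in Volkswagen in-vehicle infotainment system, allowing remote control – FreeBuf (network security industry portal):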
https://www.freebuf.com/news/370513.html
・ Vulnerability disclosure for the Volkswagen Discover Media infotainment system
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (6-30)