Tencent Security Xuanwu Lab Daily News
• North Korea-linked Zinc group posed as Samsung recruiters to target security firms:
https://securityaffairs.co/wordpress/125071/apt/north-korea-zinc-targets-security-firms.html?utm_source=feedly&utm_medium=rss&utm_campaign=north-korea-zinc-targets-security-firms
・ 朝鲜 Zinc APT 组织冒充三星招聘人员攻击韩国安全公司研究员
– Jett
• Lazarus Research:
https://github.com/JPCERTCC/Lazarus-research
・ JPCERT 公开的 Lazarus APT 组织的研究报告和分析工具
– Jett
• What is GIT Source Code Exposure Vulnerability and Why Should You Care?:
https://iosentrix.com/blog/git-source-code-disclosure-vulnerability/
・ Git Repo 泄露漏洞
– Jett
• [Browser] allpaca/chrome-sbx-db:
https://github.com/allpaca/chrome-sbx-db
・ Chrome 浏览器沙箱逃逸类型漏洞的整理
– Jett
• [Browser] Data Exfiltration via CSS + SVG Font:
https://mksben.l0.cm/2021/11/css-exfiltration-svg-font.html
・ 利用 CSS 与 SVG Font 向外渗透数据
– Jett
• AlphaGolang:
https://github.com/SentineLabs/AlphaGolang
・ 用于分析 Golang 二进制的 IDA Python 脚本
– Jett
• GitHub 安装:
https://github.com/xiecat/goblin
・ Goblin – 一款适用于红蓝对抗中的仿真钓鱼系统
– Jett
• [Tools] README.md:
https://github.com/liamg/memit
・ Linux 平台的无文件落地、内存执行二级制文件的 Loader
– Jett
• UEFI virtual machine firmware hardening through snapshots and attack surface reduction:
https://arxiv.org/abs/2111.10167
・ UEFI virtual machine firmware hardening through snapshots and attack surface reduction
– Jett
• [iOS] Popping iOS <=14.7 with IOMFB:
https://jsherman212.github.io/2021/11/28/popping_ios14_with_iomfb.html
・ IOMFB OOB 漏洞(CVE-2021-30807)在 iOS <=14.7 版本的利用
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(11-29)