Tencent Security Xuanwu Lab Daily News
• [Virtualization] USB Over Ethernet | Multiple Vulnerabilities in AWS and Other Major Cloud Services:
https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/
・ USB Over Ethernet – 有研究团队在 Eltima SDK 中发现严重漏洞,影响多款云厂商产品
– Jett
• Kamala Harris is Bluetooth-phobic – POLITICO:
https://www.politico.com/newsletters/west-wing-playbook/2021/12/06/kamala-harris-is-bluetooth-phobic-495343
・ 因担心安全问题,美国副总统贺锦丽不使用蓝牙耳机
– Jett
• [Browser] Two Birds with One Stone: An Introduction to V8 and JIT Exploitation:
https://www.zerodayinitiative.com/blog/2021/12/6/two-birds-with-one-stone-an-introduction-to-v8-and-jit-exploitation
・ Pwn2Own Vancouver 2021 比赛中 V8 漏洞的分析和利用
– Jett
• [iOS] Hack Different: Pwning iOS 14 with Generation Z Bug:
https://youtu.be/fLXc5PJdtp0
・ Hack Different: Pwning iOS 14 with Generation Z Bug.
– lanying37
• [Crypto] Status of post-quantum cryptography implementation:
http://blog.quarkslab.com/status-of-post-quantum-cryptography-implementation.html
・ 后量子加密实现的现状
– Jett
• Disrupting the Glupteba operation:
https://blog.google/threat-analysis-group/disrupting-glupteba-operation/
・ Google 对 Glupteba 攻击行动的分析
– Jett
• [Windows] Windows 10 RCE: The exploit is in the link:
https://positive.security/blog/ms-officecmd-rce
・ Windows 10 RCE: The exploit is in the link
– Jett
• [Windows] GitHub – wavestone-cdt/EDRSandblast:
https://github.com/wavestone-cdt/EdrSandblast
・ EDRSandBlast – EDR bypass through Kernel callbacks removal
– Jett
• GitHub – xforcered/xPipe: Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions:
https://github.com/xforcered/xPipe
・ 用于枚举 Windows 系统 Pipe 的工具
– Jett
• [Tools] VXUG-Papers/Stealthily Creating Processes at main · vxunderground/VXUG-Papers:
https://github.com/vxunderground/VXUG-Papers/tree/main/Stealthily%20Creating%20Processes
・ Stealthily Creating Processes via Abusing Undocumented COM Helppane Libraries
– Jett
• 加密后门的木马分析:
https://tttang.com/archive/1342/
・ 加密后门的木马分析.
– lanying37
• [Reverse Engineering] Reverse Engineering the M1:
https://youtu.be/espRmO41Bg4
・ 对M1逆向工程会议演讲视频.
– lanying37
• GitHub – rnd-ash/ecu_diagnostics: A Rust crate for ECU diagnostic protocols (UDS / KWP):
https://github.com/rnd-ash/ecu_diagnostics
・ 用于实现汽车 ECU 诊断功能的工具
– Jett
• What can I do to prevent this in the future?:
https://www.mandiant.com/resources/fin13-cybercriminal-mexico
・ Mandiant 对 FIN13 APT 组织的分析报告
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(12-08)