Tencent Security Xuanwu Lab Daily News
• Apache Log4j2 Jndi RCE 高危漏洞分析与防御:
http://paper.seebug.org/1787/
・ Apache Log4j2 Jndi RCE 高危漏洞分析与防御建议.
– lanying37
• Espionage Campaign Targets Telecoms Organizations across Middle East and Asia:
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-campaign-telecoms-asia-middle-east
・ 过去半年中,疑似伊朗 Seedworm 组织发起针对中东和亚洲电信运营商的定向攻击
– Jett
• [Tools, Pentest] GitHub – ly4k/Pachine: Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation):
https://github.com/ly4k/Pachine
・ 有研究员为前两天爆出的 CVE-2021-42278 (Active Directory Privilege Escalation)漏洞写的 Python 版本 PoC
– Jett
• How hackers pollute your code.:
http://youtu.be/XS_UMqQalLI
・ How hackers pollute your code.
– lanying37
• JNDI 注入漏洞的前世今生:
https://evilpan.com/2021/12/13/jndi-injection/
・ JNDI 注入漏洞的前世今生
– Jett
• 内存级别攻防利器–UnSafe 的各种利用姿势:
http://paper.seebug.org/1785/
・ 内存级别攻防利器–UnSafe 的各种利用姿势.
– lanying37
• Home | Google Bug Hunters:
https://bughunters.google.com/learn/presentations/5783688075542528
・ Android App Hacking Workshop,Google 公开的 Android App 安全研究样例 APK 和 PPT
– Jett
• Write more secure code with the OWASP Top 10 Proactive Controls | The GitHub Blog:
https://github.co/3Ewvm9A
・ OWASP 发起的一个 “Top 10 Proactive Controls” 项目,用于帮助开发者开发过程中了解防御技术
– Jett
• [Virtualization] Why is Exposing the Docker Socket a Really Bad Idea?:
http://blog.quarkslab.com/why-is-exposing-the-docker-socket-a-really-bad-idea.html
・ Why is Exposing the Docker Socket a Really Bad Idea
– Jett
• [Malware] Owowa: the add-on that turns your OWA into a credential stealer and remote access panel:
https://securelist.com/owowa-credential-stealer-and-remote-access/105219/
・ 卡巴斯基在对可疑二进制样本分析中发现了一个用于窃取用户密钥的 IIS module
– Jett
• [Vulnerability] Remote Deserialization Bug in Microsoft’s RDP Client through Smart Card Extension (CVE-2021-38666):
https://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/
・ Remote Deserialization Bug in Microsoft’s RDP Client through Smart Card Extension (CVE-2021-38666)
– Jett
• December 2021 Security Updates:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
・ 微软发布 12 月份 Windows 补丁更新
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(12-15)