Daily Security News Push (04-29)

Tencent Security Xuanwu Lab Daily News


• Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators:
https://github.blog/2022-04-15-security-alert-stolen-oauth-user-tokens/

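   ・ GitHub published a security advisory: attackers stole OAuth tokens that GitHub had issued to third parties and used them to download data from many private repos on GitHub – Jett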


• [Web, Virtualization] Wiz Research discovers “ExtraReplica”— a cross-account database vulnerability in Azure PostgreSQL:
https://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql/

   ・ The Wiz research team discovered a cross-account unauthorized database access vulnerability in the Azure cloud PostgreSQL product – Jett


• How to master Google Hacking (Dorking):
https://blog.blockmagnates.com/how-to-master-google-hacking-dorking-bd9b6e3d28fa

   ・ Some Google Hacking (Dorking) tricks – Jett


• [Tools] Introducing Package Analysis: Scanning open source packages for malicious behavior:
https://openssf.org/blog/2022/04/28/introducing-package-analysis-scanning-open-source-packages-for-malicious-behavior/

   ・ OpenSSF launched the Package Analysis project to discover malware in package managers such as PyPI and NPM – Jett


• A brief discussion of hook attack and defense:
https://tttang.com/archive/1558/

   ・ A brief discussion of hook attack and defense – lanying37


• [Tools] FindFunc: Advanced Filtering/Finding of Functions in IDA PRO:
https://github.com/FelixBer/FindFunc

   ・ FindFunc – an IDA Pro plugin for searching functions by assembly instructions and byte signatures – Jett


• [Linux] Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn:
https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/

   ・ Microsoft's analysis of Nimbuspwn, a local root privilege-escalation vulnerability in the Linux D-Bus IPC mechanism – Jett


• Bypassing LDAP Channel Binding with StartTLS:
https://offsec.almond.consulting/bypassing-ldap-channel-binding-with-starttls.html

   ・ Bypassing LDAP Channel Binding with StartTLS – Jett


• [Windows] Group Policy Folder Redirection CVE-2021-26887:
https://decoder.cloud/2022/04/27/group-policy-folder-redirection-cve-2021-26887/

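   ・ Analysis of information disclosure and privilege escalation vulnerabilities in the implementation of the "Folder Redirection" Group Policy setting (CVE-2021-26887) – Jett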


• [Tools] Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?:
https://blog.aquasec.com/npm-package-planting

   ・ npm has no notification mechanism when a maintainer is added; combined with masquerading, this can lead developers into the "Package Planting" problem – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (04-29)

Copyright notice: posted by admin on April 29, 2022 at 10:41 AM.
When reposting, please credit: Daily Security News Push (04-29) | CTF导航
