Tencent Security Xuanwu Lab Daily News
• 通过嵌入x64汇编隐藏数据&反调试:
https://tttang.com/archive/1559/
・ 通过嵌入x64汇编隐藏数据&反调试
– lanying37
• A Deep Dive into Avos Locker Ransomware:
https://securityscorecard.com/resources/a-deep-dive-into-avos-locker-ransomware
・ Avos Locker 勒索软件的分析报告
– Jett
• Samsung Galaxy – Any App Can Install Any App In The Galaxy App Store:
https://labs.f-secure.com/advisories/samsung-galaxy-any-app-can-install-any-app/
・ 滥用 S21 手机 Galaxy App Store 应用漏洞实现任意安装应用
– Jett
• Samsung Flow – Any App Can Read The External Storage:
https://labs.f-secure.com/advisories/samsung-flow-any-app-can-read-the-external-storage/
・ 利用 Samsung Galaxy S21 设备 Flow App 的漏洞访问外部存储设备
– Jett
• Presentations/Lifting-the-veil-a-look-at-MDE-under-the-hood.pdf:
https://github.com/olafhartong/Presentations/blob/master/Lifting-the-veil-a-look-at-MDE-under-the-hood.pdf
・ Windows Defender for Endpoint 版本的数据采集范围、防护机制研究
– Jett
• The Curious Case Of Mavinject.Exe:
https://fourcore.io/blogs/mavinject-curious-process-injection
・ 恶意软件滥用微软签名的 Mavinject.exe 实现进程代码注入
– Jett
• From KBs to CVEs: Understanding the Relationships Between Windows Security Updates and Vulnerabilities:
https://claroty.com/2022/05/04/blog-research-from-kbs-to-cves-understanding-the-relationships-between-windows-security-updates-and-vulnerabilities/
・ Claroty 团队对微软补丁与 CVE 对应关系的研究
– Jett
• 从 PWN2OWN CVE-2022-27666 看内核页风水:
https://paper.seebug.org/1889/
・ 从 PWN2OWN CVE-2022-27666 看内核页风水
– lanying37
• On the Fuzzing Hook:
https://www.code-intelligence.com/blog/on-the-fuzzing-hook
・ Fuzz 过程中利用 Hook 收集覆盖率信息、检测漏洞、绕过检查
– Jett
• F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems:
https://threatpost.com/f5-critical-bugbig-ip-systems/179514/
・ F5 BIG-IP 系统修复高危 RCE 漏洞
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(05-06)
