Tencent Security Xuanwu Lab Daily News
• [PDF] https://sjtu.lijuanru.com/publications/dsn22-s.pdf:
https://sjtu.lijuanru.com/publications/dsn22-s.pdf
・ SIMulation – 对基于蜂窝网络的一键登录(One-Tap Authentication)方案的研究报告
– Jett
• [Virtualization] r/ReverseEngineering – Detecting Hypervisor-assisted Hooking:
https://www.reddit.com/r/ReverseEngineering/comments/uh9vy9/detecting_hypervisorassisted_hooking/
・ Detecting Hypervisor-assisted Hooking
– Jett
• Raspberry Robin gets the worm early:
https://redcanary.com/blog/raspberry-robin/
・ Raspberry Robin – 利用 USB 并借助 Windows Installer 感染并传播的蠕虫
– Jett
• CVE-2022-0540 – Authentication bypass in Seraph:
https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/
・ Jira Seraph 认证绕过漏洞分析(CVE-2022-0540)
– Jett
• Yours Truly, Signed AV Driver: Weaponizing an Antivirus Driver | Aon:
https://www.aon.com/cyber-solutions/aon_cyber_labs/yours-truly-signed-av-driver-weaponizing-an-antivirus-driver/
・ 恶意软件滥用 Avast 反病毒软件驱动的缺陷绕过检测
– Jett
• IAM Privilege Escalation in GCP:
https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
・ GCP IAM 提权相关的资料整理
– Jett
• Hacking a Bank by Finding a 0day in DotCMS:
https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/
・ Hacking a Bank by Finding a 0day in DotCMS
– Jett
• [Linux] Privilege Escalation Vulnerabilities Discovered In Linux Known As Nimbuspwn:
https://fourcore.io/blogs/nimbuspwn-linux-vulnerabilities-allows-root-access-cve-2022-29799-and-cve-2022-29800
・ linux 系统 systemd 组件 Nimbuspwn 本地提权漏洞分析(CVE-2022-29800)
– Jett
• Fuzzing ClamAV with real malware samples:
https://mmmds.pl/clamav/
・ 利用 vx-underground 恶意软件库的样本 Fuzz ClamAV
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(05-09)
