Tencent Security Xuanwu Lab Daily News
• New Research Paper: Pre-hijacking Attacks on Web User Accounts:
https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/
・ New Research Paper: Pre-hijacking Attacks on Web User Accounts
– Jett
• [Android, Browser] Protecting Android users from 0-Day attacks:
https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/
・ Google TAG 团队 2021 年监测到的一些 Android 0Day 漏洞
– Jett
• security_update_20220523:
https://github.com/alibaba/fastjson/wiki/security_update_20220523
・ Fastjson 1.2.80 及以下版本存在绕过默认 autoType 关闭的限制,实现远程代码执行
– Jett
• Beneath the surface: Uncovering the shift in web skimming:
https://www.microsoft.com/security/blog/2022/05/23/beneath-the-surface-uncovering-the-shift-in-web-skimming/
・ 近期 Web skimming 攻击中的一些代码混淆技术
– Jett
• Revisiting a Credential Guard Bypass:
https://itm4n.github.io/credential-guard-bypass/
・ Revisiting a Credential Guard Bypass
– Jett
• 基础知识-gcc编译过程:
https://tttang.com/archive/1595/
・ fuzzer AFL 源码分析(一)- 编译
– lanying37
• [Windows] Windows Kernel Driver in Rust (Rusty Rootkit) for Red Teamers:
https://github.com/memN0ps/eagle-rs/
・ 面向 Red Team 的 Rust 版 Windows 内核驱动
– Jett
• Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG:
https://connormcgarr.github.io/hvci/
・ 在开启虚拟化保护 VBS、HVCI、内核 CFG 的环境下实现漏洞利用
– Jett
• Math.abs JIT Optimization Bug in JSC:
https://vul.360.net/archives/397
・ 2021 年天府杯 Safari JavaScriptCore Math.abs JIT CVE-2021-30953 漏洞的分析
– Jett
• IEEE S&P 2022 云端报道(1):
https://mp.weixin.qq.com/s/yRKjJHaxYnZgxr6gMjem4Q
・ 上海交大 GOSSIP 研究组对 IEEE S&P 2022 会议的云端报道
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(05-24)
