每日安全动态推送(06-17)

Tencent Security Xuanwu Lab Daily News

• [Windows, Vulnerability] That Pipe is Still Leaking: Revisiting the RDP Named Pipe Vulnerability:
https://www.cyberark.com/resources/threat-research-blog/that-pipe-is-still-leaking-revisiting-the-rdp-named-pipe-vulnerability

   ・ RDP 命名管道权限设置不当漏洞分析（CVE-2022-24533） – Jett

• Reverse Engineering Flutter Apps | Guardsquare:
https://www.guardsquare.com/blog/current-state-and-future-of-reversing-flutter-apps

   ・ Flutter Apps 的逆向 – Jett

• Secure Messaging Apps and Group Protocols, Part 2:
http://blog.quarkslab.com/secure-messaging-apps-and-group-protocols-part-2.html

   ・ 端到端加密通信 App 如何实现群聊消息的安全，来自 QuarksLab – Jett

• DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach:
https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/

   ・ DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach – Jett

• Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack:
https://www.zerodayinitiative.com/blog/2022/6/15/cve-2022-23088-exploiting-a-heap-overflow-in-the-freebsd-wi-fi-stack

   ・ 利用 FreeBSD Wi-Fi 协议栈的堆溢出漏洞实现 RCE（CVE-2022-23088） – Jett

• [Android] The Android kernel mitigations obstacle race:
https://github.blog/2022-06-16-the-android-kernel-mitigations-obstacle-race/

   ・ 利用 Qualcomm GPU 驱动的 UAF 漏洞实现 Samsung Z flip 3 root 提权、禁用 SELinux  – Jett

• iOS 16 – restricted Userclients:
https://saaramar.github.io/ios16_restricted_iouserclients/

   ・ iOS 16 版本 IOSurface 攻击面缓解的一些变化 – Jett

• WMI攻守之道:
https://tttang.com/archive/1624/

   ・ WMI攻守之道 – lanying37

• VED (Vault Exploit Defense) – Linux kernel threat detection and prevention system:
https://github.com/hardenedvault/ved

   ・ VED – Linux 内核威胁检测和防御系统 – Jett

• Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains:
https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html

   ・ iOS 平台 ARM64 ROP 利用链 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(06-17)