Daily Security Digest (11-04)

Tencent Security Xuanwu Lab Daily News


• [Fuzzing] Why CVE-2022-3602 was not detected by fuzz testing:
https://allsoftwaresucks.blogspot.com/2022/11/why-cve-2022-3602-was-not-detected-by.html

   ・ This article analyzes why the OpenSSL punycode vulnerability disclosed in the past couple of days was not found in advance by fuzz testing – Jett


• 0xADE1A1DE/USB-Injection:
https://github.com/0xADE1A1DE/USB-Injection

   ・ Injecting keystroke commands under the identity of another connected USB device; from the USENIX conference paper: The Impostor Among US(B): Off-Path Injection Attacks on USB Communications – Jett


• [Attack] Dropbox Hacked – Attackers Stolen 130 GitHub Repositories:
https://cybersecuritynews.com/dropbox-hacked/

   ・ Dropbox was hacked; the attackers used a compromised employee's key information to steal a large amount of source code that Dropbox stored on GitHub – Jett


• RC4 Is Still Considered Harmful:
https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

   ・ James Forshaw found a flaw in the RC4 encryption used in Windows authentication that makes it possible to authenticate as another user – Jett


• A Study of Unlock on the Qual+Android Solution, Using the Oneplus7Pro as an Example:
https://o0xmuhe.github.io/2022/11/01/Qual-Android%E6%96%B9%E6%A1%88Unlock%E5%AD%A6%E4%B9%A0-%E4%BB%A5Oneplus7Pro%E4%B8%BA%E4%BE%8B/

   ・ A study of how a certain flashing tool implements Unlock – Jett


• Ghidra_10.2_build:
https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_10.2_build

   ・ NSA released Ghidra 10.2, with updates to the Debugger, Decompiler and other components – Jett


• [Vulnerability] Local clone optimization dereferences symbolic links by default:
https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85

   ・ Git fixed a symbolic link following issue in the local repository clone process that could leak sensitive user information – Jett


• Server-side attacks, C&C in public clouds and other MDR cases we observed:
https://securelist.com/server-side-attacks-cc-in-public-clouds-mdr-cases/107826/

   ・ Kaspersky's summary and analysis of real-world attack samples in cloud environments and the related attack techniques – Jett


• [Network] Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style:
https://sec-consult.com/blog/detail/melting-the-dns-iceberg-taking-over-your-infrastructure-kaminsky-style/

   ・ Sec-consult's analysis of DNS resolution services on the Internet found that a large number are at risk of Kaminsky DNS cache poisoning attacks – Jett


• LOLBINed — Using Kaspersky Endpoint Security “KES” Installer to Execute Arbitrary Commands:
https://nasbench.medium.com/lolbined-using-kaspersky-endpoint-security-kes-installer-to-execute-arbitrary-commands-1c999f1b7fea

   ・ The “Features” provided by the KES Installer component of Kaspersky Endpoint Security can be used to execute arbitrary commands – Jett


* To view or search past digest content, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security Digest (11-04)

Copyright notice: posted by admin on November 4, 2022 at 3:52 PM.
When reposting, please credit: Daily Security Digest (11-04) | CTF导航
