每日安全动态推送(11-08)

Tencent Security Xuanwu Lab Daily News


• VAST: MLIR for Program Analysis:
https://github.com/trailofbits/vast

   ・ VAST - 基于 MLIR 框架,为 C/C++ 语言实现的前端程序分析工具 – Jett


• Apache Commons JXPath 远程代码执行(CVE-2022-41852) - 先知社区:
https://xz.aliyun.com/t/11813

   ・ 复现近期的 Apache Commons JXPath 远程代码执行(CVE-2022-41852)漏洞 – Jett


• [Browser] [BRP] Make BRP-ASan account for race conditions:
https://chromium-review.googlesource.com/c/chromium/src/+/3934091

   ・ Chromium 浏览器项目利用 BRP-ASan 从 ASan 爆出的 UAF 漏洞中识别条件竞争问题 – Jett


• Malicious Python Packages Replace Crypto Addresses in Developer Clipboards:
https://blog.phylum.io/pypi-malware-replaces-crypto-addresses-in-developers-clipboard

   ・ 有攻击者利用 Python 包的 typosquat 问题攻击开发者,替换开发者剪切板中的加密货币钱包地址 – Jett


• [Report, Network] DDoS attacks in Q3 2022:
https://securelist.com/ddos-report-q3-2022/107860/

   ・ 卡巴斯基发布 2022 Q3 季度 DDoS 攻击分析报告 – Jett


• SpyGuard/SpyGuard: SpyGuard is a forked and enhanced version of TinyCheck:
https://github.com/SpyGuard/SpyGuard

   ・ SpyGuard - 增强版的 TinyCheck,通过网络流量检测主机是否已经被攻陷 – Jett


• Pwning ManageEngine — From Endpoint to Exploit:
https://medium.com/@erik.wynter/pwning-manageengine-from-endpoint-to-exploit-bc5793836fd

   ・ ManageEngine ADAudit Plus 任意文件写漏洞的分析和利用(CVE-2021–42847) – Jett


• [Tools] Snaffler:
https://github.com/SnaffCon/Snaffler

   ・ Snaffler - 渗透测试项目中帮助探测 Windows/AD 环境的工具 – Jett


• [PDF] https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/Tarek%20Abdelmotaleb%20%20%20Dr.%20Bramwell%20Brizendine%20-%20Weaponizing%20Windows%20Syscalls%20as%20Modern%2032-bit%20Shellcode.pdf:
https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/Tarek%20Abdelmotaleb%20%20%20Dr.%20Bramwell%20Brizendine%20-%20Weaponizing%20Windows%20Syscalls%20as%20Modern%2032-bit%20Shellcode.pdf

   ・ Weaponizing Windows Syscalls as Modern 32-bit Shellcode,来自 DEF CON 30 会议,不依赖 Win32 API,以纯 SYSCALL 的方式,在 64 位 Windows 上运行 32 位的 Shellcode – Jett


• PRACTICAL CLIENT SIDE PATH TRAVERSAL ATTACKS:
https://mr-medi.github.io/research/2022/11/04/practical-client-side-path-traversal-attacks.html

   ・ 利用 Acronis 备份保护软件的路径穿越+Open Redirect 漏洞窃取用户隐私 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(11-08)

版权声明:admin 发表于 2022年11月8日 下午1:41。
转载请注明:每日安全动态推送(11-08) | CTF导航

相关文章

暂无评论

暂无评论...