Daily Security News Push (11-30)

Tencent Security Xuanwu Lab Daily News


• Mover_Final_Report.pdf:https://github.com/viaMover/contract-audit-reports/blob/main/Mover_Final_Report.pdf

   ・ Audit report for the Mover contracts, containing one high-severity and one medium-severity vulnerability. – keenan


• [Pentest] Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR:
https://link.medium.com/7GwUnFncZub

   ・ Hands-on lateral movement with Havoc C2 bypassing Defender for Endpoint – andreszeng


• [Tools] Overview:
https://github.com/Sentinel-One/peafl64

   ・ peafl64: a static instrumentation tool for Windows 64-bit PE files, used for fuzzing – andreszeng


• [Windows] Exploit Protection Reference:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exploit-protection-reference?view=o365-worldwide

   ・ Reference for the details of Windows exploit mitigations – andreszeng


• [Tools] Pointer compression in Oilpan:
https://v8.dev/blog/oilpan-pointer-compression

   ・ The Chrome team has enabled pointer compression in Oilpan to improve performance. – keenan


• Emotet Strikes Again - LNK File Leads to Domain Wide Ransomware - The DFIR Report:
https://thedfirreport.com/2022/11/28/emotet-strikes-again-lnk-file-leads-to-domain-wide-ransomware/

   ・ A ransomware attack caused by an LNK file – xmzyshypnc


• [Tools] r/ReverseEngineering - Heap_detective is an open-source static analysis tool that finds pitfalls in heap memory usage in C and C++.:
https://www.reddit.com/r/ReverseEngineering/comments/z6lb16/heap_detective_is_an_opensource_static_analysis/

   ・ A static detection tool for heap vulnerabilities in C/C++, based on taint analysis – P4nda


• [Vulnerability] GCC undefined behaviors are getting wild : programming:
https://www.reddit.com/r/programming/comments/z6f0ae/gcc_undefined_behaviors_are_getting_wild/

   ・ The way GCC 12.2.0 on x86-64 handles UB can make a seemingly harmless integer overflow bug dangerous – ArisXu


• [Windows] Dynamic Analysis of Windows Exploit Mitigations — Import Address Filtering.:
https://wambui-ngige.medium.com/dynamic-analysis-of-windows-exploit-mitigations-import-address-filtering-16fc28029529

   ・ Dynamic analysis of Windows exploit mitigations: Import Address Filtering – WireFisher


• YApi <1.12.0 Remote Command Execution Vulnerability:
https://paper.seebug.org/2028/

   ・ Analysis of the YApi remote command execution vulnerability; the article provides a command-line scanning tool, scalpel – ArisXu


• [Web] Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services:
https://thehackernews.com/2022/11/researchers-detail-appsync-cross-tenant.html

   ・ Details of the confused deputy problem vulnerability in AWS AppSync, which allows a malicious tenant to access other tenants' resources through AppSync – Atum


• [iOS] Researcher released the technical details for CVE-2022-32898 in iOS 16:
https://securityonline.info/researcher-released-the-technical-details-for-cve-2022-32898-in-ios-16/

   ・ Analysis of an iOS 16 kernel memory corruption vulnerability that can be triggered directly from the default app sandbox – WireFisher


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (11-30)

Copyright notice: published by admin on November 30, 2022, 12:10 PM.
When reposting, please credit: Daily Security News Push (11-30) | CTF导航
