Daily Security News Push (12-28)

Tencent Security Xuanwu Lab Daily News

• [Malware] GuLoader Malware Utilizing New Techniques to Evade Security Software:
https://thehackernews.com/2022/12/guloader-malware-utilizing-new.html

   ・ The GuLoader malware implements a large number of anti-analysis and anti-debugging features, including using hardware breakpoints to unhook the hooks in NTDLL – andreszeng


• [Linux] Critical Linux Kernel Vulnerability Let Attackers Execute Remote Code:
https://gbhackers.com/critical-linux-kernel-vulnerability/

   ・ Linux kernel ksmbd UAF RCE vulnerability, ZDI-22-1690, CVSS score: 10.0, high-severity vulnerability – ThomasonZhao


• [iOS] Heap Overflows on iOS ARM64: Heap Spraying, Use-After-Free (Part 3):
https://www.inversecos.com/2022/07/heap-overflows-on-ios-arm64-heap.html?m=1

   ・ Heap Overflows on iOS ARM64: Heap Spraying, Use-After-Free (Part 3) – lanying37


• advisories/2022_netcomm_nf20mesh_unauth_rce.md at main · scarvell/advisories:
https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md

   ・ Netcomm - unauthenticated remote code execution – crazyman


• [CTF] HKCERT CTF 2022 Postmortem (I): Easier Crypto Challenges:
https://mystiz.hk/posts/2022/2022-12-24-hkcert-ctf-1/

   ・ HKCERT CTF challenge official writeup by Mystiz, part 1 – crazyman


• [Windows] Pass-the-Challenge: Defeating Windows Defender Credential Guard:
https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22

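   ・ How to obtain NTLM hashes when Windows Defender Credential Guard protection is enabled. The method mainly works by controlling the LSASS process's ALPC communication channel to communicate with the LSAIso process, and exploiting a cryptographic weakness to crack the NTLM hash. – P4nda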


• [macOS] GitHub - jhftss/POC: A public collection of POCs & Exploits for the vulnerabilities I discovered:
https://github.com/jhftss/POC

   ・ A public collection of POCs & Exploits (MacOS) – ThomasonZhao


• CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange:
https://kas.pr/9tqa

   ・ Exploitation details of the CVE-2022-41040 and CVE-2022-41082 MS Exchange RCE vulnerabilities – ThomasonZhao


• Data exfiltration using a COVID-bit attack:
https://kas.pr/xio8

   ・ Stealing data from an isolated machine by turning the CPU's power supply circuitry into a transmitter. – Atum


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室 (Tencent Xuanwu Lab)
https://weibo.com/xuanwulab


Originally published on the WeChat official account 腾讯玄武实验室 (Tencent Xuanwu Lab): Daily Security News Push (12-28)

Copyright notice: posted by admin on December 28, 2022 at 10:22 AM.
When reposting, please credit: Daily Security News Push (12-28) | CTF导航
