每日安全动态推送(09-13)

Tencent Security Xuanwu Lab Daily News

• Attackers Can Bypass GitHub Required Reviewers to Submit Malicious Code:

   ・ 绕过 GitHub Required Reviewers 限制，向开源代码库提交恶意代码 – 

• [Fuzzing] google/silifuzz:

   ・ SiliFuzz - Fuzzing CPUs by proxy – 

• The seventh way to call a JavaScript function without parentheses:

   ・ 不使用括号调用 JavaScript 函数的技巧 – 

• Paper read <<The Convergence of Source Code and Binary Vulnerability Discovery – A Case Study>>:

   ・ 论文“The Convergence of Source Code and Binary Vulnerability Discovery – A Case Study”的解读 – 

• Chiseling In: Lorenz Ransomware Group Cracks MiVoice And Calls Back For Free - Arctic Wolf:

   ・ Lorenz 勒索软件利用 Mitel MiVoice 的漏洞入侵目标公司，利用 BitLocker 实现数据加密 – 

• Authenticode (I): Understanding Windows Authenticode:

   ・ Authenticode (I): Understanding Windows Authenticode – 

• “GIFShell” — Covert Attack Chain and C2 Utilizing Microsoft Teams GIFs:

   ・ 利用 Microsoft Teams 的 GIF 图片处理流程实现隐蔽的 C&C – 

• 2301 - Windows: Credential Guard ASN1 Decoder Type Confusion EoP - project-zero:

   ・ Windows Kerberos CG API 在处理 ASN1 数据结构时缺乏对 PDU 类型的检查，导致本地提权漏洞（CVE-2022-34709） – 

• GitHub - bytedance/Elkeid: Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.:

   ・ Elkeid - 一个云原生的基于主机的安全(入侵检测与风险识别)解决方案 – 

• [Fuzzing, Tools] GitHub - ex0dus-0x/fuzzable: Framework for Automating Fuzzable Target Discovery with Static Analysis. Featured at Black Hat Arsenal USA 2022.:

   ・ Fuzzable - 通过静态分析定位可 Fuzz 目标的工具 – 

* 查看或搜索历史推送内容请访问：

* 新浪微博账号： 腾讯玄武实验室