每日安全动态推送(3-26)
2024-3-26 11:36:42 Author: mp.weixin.qq.com(查看原文) 阅读量:8 收藏

Tencent Security Xuanwu Lab Daily News

• Solving SandboxAQ's Post-Quantum Crypto CTF:
http://blog.quarkslab.com/sandboxaq-ctf-2024.html

   ・ 讨论了关于后量子密码学的挑战,尤其是Kyber密钥交换机制的攻击过程 – SecTodayBot

• (Anti-)Anti-Rootkit Techniques - Part I: UnKovering mapped rootkits:
https://eversinc33.com/posts/anti-anti-rootkit-part-i/

   ・ 该文章介绍了一种新的反Rootkit技术——unKover工具,讨论了手动驱动程序映射的相关内容 – SecTodayBot

• State-backed Curious Serpens Hackers Evolve with FalseFont Backdoor:
https://securityonline.info/state-backed-curious-serpens-hackers-evolve-with-falsefont-backdoor/

   ・ 伊朗威胁组织Curious Serpens的最新网络间谍活动中出现了一种名为FalseFont的高级后门,该后门伪装成招聘应用程序,以窃取航空航天和国防行业的敏感信息 – SecTodayBot

• oss-security - Firefox 124.0.1 fixes two critical JavaScript engine vulnerabilities:
https://www.openwall.com/lists/oss-security/2024/03/23/1

   ・ 介绍了Firefox JavaScript引擎的两个关键漏洞,包括漏洞的根本原因和技术细节的分析。其中,提到了在Pwn2Own比赛中Manfred Paul的成功演示。 – SecTodayBot

• Reverse Engineering and Bug Hunting on KMDF Drivers:
https://github.com/IOActive/kmdf_re

   ・ 介绍了针对KMDF驱动程序的逆向工程和漏洞挖掘 – SecTodayBot

• Unleashing the Secrets:A Full Analysis for the Complex LODEINFO v0.7.1 | Suguru Ishimaru:
https://www.youtube.com/watch?v=zSEySLeWrMQ

   ・ 对复杂的LODEINFO v0.7.1进行了全面分析 – SecTodayBot

• naively bypassing new memory scanning POCs:
https://sillywa.re/posts/flower-da-flowin-shc/

   ・ 介绍了关于内存逃避、恶意软件检测和漏洞利用缓解的方法,包括发现隐蔽植入物和内存威胁检测的途径。该文章提到了在BLACKHAT ASIA 2023上John Uhlmann的演讲。 – SecTodayBot

• BlueSpy – Spying on Bluetooth conversations:
https://www.tarlogic.com/blog/bluespy-spying-on-bluetooth-conversations/

   ・ 介绍了对蓝牙耳机存在的安全漏洞进行利用,以窃听私人对话。通过BSAM安全方法论的发布,揭示了多款蓝牙耳机存在的安全问题,并演示了利用Python脚本自动化利用蓝牙设备中常见漏洞的过程。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959574&idx=1&sn=24d1c480bb0c34d9118c56c6503f3953&chksm=8baed189bcd9589f44fa42e3aad75028574967dc88fbf0d0db54eff4dc8b79042f4d9b42c528&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh