Tencent Security Xuanwu Lab Daily News

• CodeQL Path Graphs:
https://remcovermeulen.com/posts/codeql-path-graphs/

   ・ GitHub的Code Scanning功能提供了CodeQL路径查询和路径图的技术解释，为安全分析和模糊测试提供了新方法。 – SecTodayBot

• Android SSL Pinning Bypass (Part 1):
https://medium.com/@osamaavvan/android-ssl-pinning-bypass-part-1-ddd8e93bbd5d

   ・ 安卓SSL Pinning Bypass的基本技术和工具，重点讨论了通过滥用network_security_config.xml文件来绕过SSL pinning的方法。 – SecTodayBot

• DDoS-as-a-Service: The Rebirth Botnet:
https://sysdig.com/blog/ddos-as-a-service-the-rebirth-botnet/

   ・ 介绍了一种成熟且不断增长的 DDoS 服务僵尸网络，该服务基于 Mirai 恶意软件家族，由具有财务动机的威胁行为者操作，主要针对视频游戏社区，并通过 Telegram 和在线商店进行服务推广。 – SecTodayBot

• Time Series Analysis by Leveraging GPT-4o Vision for Threat Intel:
https://blog.securitybreak.io/time-series-analysis-by-leveraging-gpt-4o-vision-for-threat-intel-d0b3225a40c9

   ・ 讨论了如何利用生成式人工智能来改善威胁情报分析和可视化能力，以及如何用Python和Bokeh库进行威胁情报分析。 – SecTodayBot

• Post-Exploiting an F5 Big-IP: root, and now what?:
https://offsec.almond.consulting/post-exploiting-f5-BIG-IP.html

   ・ 详细介绍了Almond OffSec成员利用CVE-2022-1388漏洞获取特权访问的过程，包括利用MITM攻击设置F5设备的过程。 – SecTodayBot

• How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet:
https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/

   ・ 介绍了一起加密货币取回案例，以及对RoboForm密码管理器伪随机数生成器漏洞的详细分析。 – SecTodayBot

• Detailed workings of OTA for SIM/USIM/eUICC:
https://media.ccc.de/v/osmodevcon2024-175-detailed-workings-of-ota-for-sim-usim-euicc

   ・ 介绍了OTA（空中下载）架构的细节，包括OTA传输和地址个别应用程序的方法。 – SecTodayBot

• LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts:
https://www.kitploit.com/2024/05/ldapwordlistharvester-tool-to-generate.html

   ・ 介绍了LDAPWordlistHarvester工具，用于从LDAP中生成密码破解的字典文件。该工具可用于安全测试，对于域账户的密码破解具有一定的实用性。 – SecTodayBot

• Kiteshield Packer is Being Abused by Linux Cyber Threat Actors:
https://blog.xlab.qianxin.com/kiteshield_packer_is_being_abused_by_linux_cyber_threat_actors/

   ・ 针对Linux ELF二进制文件使用的Kiteshield packer进行了详细分析，揭示了其加密方法和逃避检测的技术 – SecTodayBot

• Race condition in 9p file system.:
https://r00tkitsmm.github.io/fuzzing/2024/05/29/Race-into-9p.html

   ・ 揭示了Linux内核中的一个use-after-free漏洞，包括了漏洞的详细分析和利用漏洞所需的POC。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab