Tencent Security Xuanwu Lab Daily News

• Getting RCE in Chrome with incomplete object initialization in the Maglev compiler:
https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the-maglev-compiler/

   ・ Chrome浏览器的CVE-2023-4069漏洞已修复，该漏洞存在于v8 JavaScript引擎中的Maglev编译器，可导致远程代码执行。 – SecTodayBot

• feat: memory module by secDre4mer · Pull Request #1991 · VirusTotal/yara:
https://github.com/VirusTotal/yara/pull/1991

   ・ 使用yara公共特征库来检测内存模块中的恶意代码 – SecTodayBot

• Bloodhound Enterprise: securing Active Directory using graph theory:
https://posts.specterops.io/bloodhound-enterprise-securing-active-directory-using-graph-theory-1d0730e4c741

   ・ 使用图论来保护Active Directory，解决了安全领域中的复杂问题，帮助管理员采取精确可衡量的措施来保护关键资产。 – SecTodayBot

• ARM 64 Assembly Series — Data Processing (Part 1):
https://valsamaras.medium.com/arm-64-assembly-series-data-processing-part-1-b6f6f877c56b

   ・ ARM 64 汇编教程系列 — 数据处理（第 1 部分） – lanying37

• Cobalt Strike .VBS Loader - Decoding with Advanced CyberChef and Emulation:
https://embee-research.ghost.io/decoding-a-cobalt-strike-vba-loader-with-cyberchef

   ・ 展示如何解码用于将Cobalt Strike shellcode加载到内存中的复杂.vbs脚本，并通过利用CyberChef和正则表达式来击败文本基础混淆。 – SecTodayBot

• ChatAFLndss/ChatAFL:
https://github.com/ChatAFLndss/ChatAFL

   ・ 由大型语言模型（LLMs）引导的协议模糊测试工具，它结合了三个具体组件：使用LLM提取用于结构感知变异的协议的机器可读语法；使用LLM增加记录消息序列中消息多样性作为初始种子；使用LLM打破覆盖率平台，生成消息以达到新状态。 – SecTodayBot

• msdocsviewer:
https://github.com/alexander-hanel/msdocsviewer

   ・ 解析Microsoft的win32 API和驱动程序文档，以在IDA中使用。 – SecTodayBot

• mXSS vulnerability in TinyMCE undo/redo, getContent API, resetContent API, and Autosave plugin:
https://github.com/tinymce/tinymce/security/advisories/GHSA-v65r-p3vv-jjfv

   ・ TinyMCE核心功能存在mXSS漏洞，影响undo/redo、getContent API、resetContent API和Autosave插件。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab