Tencent Security Xuanwu Lab Daily News

• Conquering the User-Land: Achieving Code Execution in SMM in the Dominion of RingHopper:
https://medium.com/@RingHopper/conquering-the-user-land-achieving-code-execution-in-smm-in-the-dominion-of-ringhopper-7a38f5ec7faa

   ・ 在RingHopper的领域中实现SMM代码执行的方法被揭示。该方法包括触发任意SMI、写入特定物理内存和生成DMA事务。 – SecTodayBot

• oss-security - Re: CVE-2022-46176: Cargo does not check SSH host keys:
https://www.openwall.com/lists/oss-security/2023/11/06/5

   ・ Rust的包管理器Cargo在通过SSH克隆索引和依赖时未执行SSH主机密钥验证，可能导致中间人攻击。 – SecTodayBot

• oss-security - CVE-2023-46851: Apache Allura: sensitive information exposure via import:
https://www.openwall.com/lists/oss-security/2023/11/06/6

   ・ Apache Allura存在敏感信息泄露漏洞(CVE-2023-46851) – SecTodayBot

• 疑似APT-C-36（盲眼鹰）组织投放Amadey僵尸网络木马活动分析:
https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247493843&idx=1&sn=5e99672abf3d1547e53fff6c5f9ecd20&chksm=f9c1dbdaceb652cc0d95a61afc0ea62b351eb7fc206e978917b3cd3b0dbe807dc15f27f66149&scene=178&cur_album_id=1955835290309230595#rd

   ・ APT-C-36（盲眼鹰）是南美洲的APT组织，主要攻击哥伦比亚、厄瓜多尔和巴拿马等地的政府部门、金融行业和大型公司，最新活动中尝试将Amadey僵尸网络木马加入攻击流程。 – SecTodayBot

• HEXACON2023 - Bypassing the HVCI memory protection by Viviane Zwanger and Henning Braun:
https://youtube.com/watch?v=WWvd2_jd0ZI

   ・ 绕过HVCI内存保护，揭示了新的安全漏洞。 – SecTodayBot

• GitHub - SecTheBit/Windows-Internals: Learnings about windows Internals:
https://GitHub.com/secthebit/windows-internals

   ・ 学习Windows内部机制，了解恶意软件开发和逆向工程的目的。 – SecTodayBot

• No Hat 2023 - mHACKeroni - [Keynote] mHACKeroni's Recipe for Hacking Satellites (and Winning!):
https://youtube.com/watch?v=jSQ2dE40DzY

   ・ mHACKeroni分享了他在黑客卫星方面的独门秘籍，让你了解如何赢得No Hat 2023比赛！ – SecTodayBot

• Uncovering a ZK-EVM Soundness Bug in zkSync Era:
https://link.medium.com/mF0HiHDToEb

   ・ Uncovering a ZK-EVM Soundness Bug in zkSync Era – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab