Daily Security News Push (12-18)
2023-12-18 18:12:14 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Mobile Malware Analysis Part 1 – Leveraging Accessibility Features To Steal Crypto Wallet:
https://8ksec.io/mobile-malware-analysis-part-1-crypto-wallet-stealer/

   ・ A tutorial series on mobile malware analysis – WireFish

• The mysterious second parameter to the x86 ENTER instruction:
https://devblogs.microsoft.com/oldnewthing/20231211-00/?p=109126

   ・ A discussion of how the second parameter of the ENTER instruction in the x86 instruction set works – WireFish

• Analysis of the 5Ghoul Vulnerabilities and Their Impact:
https://paper.seebug.org/3087/

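   ・ Mainstream 5G mobile network modems are affected by the 5Ghoul vulnerabilities, which can be exploited to interrupt and freeze 5G connections on smartphones and CPE routers – WireFish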

• Rhysida Ransomware:
https://www.shadowstackre.com/analysis/rhysida

   ・ Describes the Rhysida ransomware's attack methods, encryption methods, and persistence techniques – SecTodayBot

• Exploiting a remote heap overflow with a custom TCP stack:
https://www.synacktiv.com/en/publications/exploiting-a-remote-heap-overflow-with-a-custom-tcp-stack.html

   ・ Presents a detailed analysis and exploitation of a vulnerability in the DSI layer of the Netatalk protocol on Western Digital MyCloudHome devices – SecTodayBot

• Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol:
https://securelist.com/unveiling-nkabuse/111512/

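   ・ Kaspersky disclosed NKAbuse, a new multiplatform threat written in Go that uses P2P and blockchain-oriented network communication to achieve decentralized autonomy; the malware has capabilities such as flood attacks and backdoor injection. – WireFish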

• npm search RCE? - Escape Sequence Injection:
https://blog.solidsnail.com/posts/npm-esc-seq

   ・ An npm escape sequence injection vulnerability; a new testing approach for terminal emulators and the applications running under them. – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959466&idx=1&sn=fa6e37e8e6d41d18bcb6a927ad8d1297&chksm=8baed035bcd95923675bf5b29e36cf57180756a58c36dd94171265b3eb502bafd948cc693ab8&scene=58&subscene=0#rd