Daily Security News Push (3-26)
2024-3-26 11:36:42 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Solving SandboxAQ's Post-Quantum Crypto CTF:
http://blog.quarkslab.com/sandboxaq-ctf-2024.html

   ・ Discusses post-quantum cryptography challenges, in particular the attack process against the Kyber key exchange mechanism – SecTodayBot

• (Anti-)Anti-Rootkit Techniques - Part I: UnKovering mapped rootkits:
https://eversinc33.com/posts/anti-anti-rootkit-part-i/

   ・ This article introduces a new anti-rootkit technique, the unKover tool, and discusses manual driver mapping – SecTodayBot

• State-backed Curious Serpens Hackers Evolve with FalseFont Backdoor:
https://securityonline.info/state-backed-curious-serpens-hackers-evolve-with-falsefont-backdoor/

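   ・ An advanced backdoor named FalseFont has appeared in the latest cyber-espionage campaign by the Iranian threat group Curious Serpens; the backdoor masquerades as a recruitment application to steal sensitive information from the aerospace and defense industries – SecTodayBot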

• oss-security - Firefox 124.0.1 fixes two critical JavaScript engine vulnerabilities:
https://www.openwall.com/lists/oss-security/2024/03/23/1

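   ・ Covers two critical vulnerabilities in the Firefox JavaScript engine, including analysis of their root causes and technical details. It mentions Manfred Paul's successful demonstration at the Pwn2Own competition. – SecTodayBot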

• Reverse Engineering and Bug Hunting on KMDF Drivers:
https://github.com/IOActive/kmdf_re

   ・ Covers reverse engineering and bug hunting for KMDF drivers – SecTodayBot

• Unleashing the Secrets: A Full Analysis for the Complex LODEINFO v0.7.1 | Suguru Ishimaru:
https://www.youtube.com/watch?v=zSEySLeWrMQ

   ・ A full analysis of the complex LODEINFO v0.7.1 – SecTodayBot

• naively bypassing new memory scanning POCs:
https://sillywa.re/posts/flower-da-flowin-shc/

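   ・ Covers methods for memory evasion, malware detection and exploit mitigation, including approaches to discovering stealthy implants and detecting in-memory threats. The article mentions John Uhlmann's talk at BLACKHAT ASIA 2023. – SecTodayBot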

• BlueSpy – Spying on Bluetooth conversations:
https://www.tarlogic.com/blog/bluespy-spying-on-bluetooth-conversations/

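   ・ Describes exploiting security vulnerabilities in Bluetooth headsets to eavesdrop on private conversations. Through the release of the BSAM security methodology, it reveals security problems in multiple Bluetooth headsets and demonstrates using a Python script to automate exploitation of common vulnerabilities in Bluetooth devices. – SecTodayBot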

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959574&idx=1&sn=24d1c480bb0c34d9118c56c6503f3953&chksm=8baed189bcd9589f44fa42e3aad75028574967dc88fbf0d0db54eff4dc8b79042f4d9b42c528&scene=58&subscene=0#rd