Tencent Security Xuanwu Lab Daily News

• Detecting AiTM attacks in Azure Wed Jan 10, 2024:
https://ironpeak.be/blog/azure-detecting-aitm-attacks/

   ・ 文章介绍了一种检测和防范Office365账户 compromis 的新方法，通过使用Azure平台和自定义的逻辑应用程序，可以实现通过检查来源网站来预警非Microsoft域的登录尝试。 – SecTodayBot

• Analysis of an Info Stealer — Chapter 2: The iOS App:
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-2-the-ios-app-0529e7b45405

   ・ 对恶意iOS应用进行静态分析的技术细节 – SecTodayBot

• Windows Message Queuing Client (MSMQC) Information Disclosure:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20680

   ・ MSMQC 信息泄露 – SecTodayBot

• This AI Chatbot is Trained to Jailbreak Other Chatbots:
https://packetstormsecurity.com/news/view/35383

   ・ 研究人员训练了一种人工智能工具，用于生成新的方法以规避其他聊天机器人的防御，并创建恶意软件。 – SecTodayBot

• SSL Pinning Bypass Using Frida and Objection - Pentestguy:
https://pentestguy.com/ssl-pinning-bypass-using-frida-and-objection/

   ・ 如何使用Frida工具框架来绕过安卓应用程序的SSL Pinning – SecTodayBot

• Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360:
https://blog.securelayer7.net/unauthorized-rce-in-adobe-coldfusion/

   ・ 介绍了对Adobe ColdFusion产品中CVE-2023-263060漏洞的利用 – SecTodayBot

• MrBruh's Epic Blog:
https://mrbruh.com/chattr/

   ・ 揭露了Chattr.ai系统中的新漏洞，详细分析了漏洞的影响和利用方法 – SecTodayBot

• Linux devices are under attack by a never-before-seen worm:
https://arstechnica.com/security/2024/01/a-previously-unknown-worm-has-been-stealthily-targeting-linux-devices-for-a-year/

   ・ Linux设备遭遇自我复制的恶意软件NoaBot，对SSH连接密码进行攻击并安装加密货币挖矿软件，其使用新技术隐藏配置设置。 – SecTodayBot

• One Supply Chain Attack to Rule Them All:
https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/

   ・ GitHub Actions runners遭遇严重配置漏洞，可能导致供应链攻击。 – SecTodayBot

• AFL 语法变异插件 Grammar-Mutator 的基本使用:
https://paper.seebug.org/3108/

   ・ 本文介绍了在fuzzing中使用AFL++和Grammar-Mutator的方法。 – SecTodayBot

• Protection Highlight: Hunters International Ransomware:
https://www.broadcom.com/support/security-center/protection-bulletin/protection-highlight-hunters-international-ransomware

   ・ 分析了Hunters International勒索软件 – SecTodayBot

• 30 Years of Decompilation and the Unsolved Structuring Problem: Part 2:
https://mahaloz.re/dec-history-pt2

   ・ 该文章讨论了反编译研究的历史和当前状态，重点关注了控制流结构化技术的现状和未解决的问题。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab