Tencent Security Xuanwu Lab Daily News

• Mali GPU Kernel LPE:
https://github.com/0x36/Pixel_GPU_Exploit

   ・ 详细分析了Mali GPU内核漏洞及其利用方式，包括整数溢出和时间线流消息缓冲区内的信息泄露。 – SecTodayBot

• ThievingFox - Remotely retrieving credentials from password managers and Windows utilities:
https://blog.slowerzs.net/posts/thievingfox/

   ・ 该工具是用于在渗透测试中收集凭据的后渗透工具。它通过注入恶意库来实现对目标应用程序的内存挂钩。 – SecTodayBot

• GhostRace (CVE-2024-2193): Processor Flaws Enable Kernel Attacks:
https://securityonline.info/ghostrace-cve-2024-2193-processor-flaws-enable-kernel-attacks/

   ・ 介绍了GhostRace（CVE-2024-2193）和IPI Storming（CVE-2024-26602）漏洞，以及对具体漏洞原因的详细分析。还介绍了SCUAF Gadget Scanner和SRC的PoC. – SecTodayBot

• Stealing Part Of A Production Language Model:
https://packetstormsecurity.com/files/177567

   ・ 介绍了一种模型窃取攻击，可以从黑盒生产语言模型中提取精确的、非平凡的信息。该攻击揭示了一些知名语言模型的隐藏维度。 – SecTodayBot

• Sandboxing Python with Win32 App Isolation:
https://blogs.windows.com/windowsdeveloper/2024/03/06/sandboxing-python-with-win32-app-isolation/

   ・ Win32 App Isolation 提供了一种新的方法来对 Python 进行沙盒化 – SecTodayBot

• ARM Exploitation - Setup and Tools:
https://blog.3or.de/arm-exploitation-setup-and-tools

   ・ 介绍了如何在虚拟化环境中搭建一个易受攻击的HTTP守护程序，以及分析漏洞和利用的相关指令和脚本。 – SecTodayBot

• Android Native Library Exploitation Challenge:
https://devilinside.me/blogs/android-native-library-exploitation-challenge

   ・ Android Native Library Exploitation Challenge – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab