Electron Research:https://github.com/msrkp/electron-research
・ Electron Prototype Pollution XSS 漏洞的影响 – Jett
Patch diffing CVE-2022–21907:https://piffd0s.medium.com/patch-diffing-cve-2022-21907-b739f4108eee
・ HTTP 协议栈 RCE 漏洞 CVE-2022–21907 的补丁分析 – Jett
[Windows] 2228 - Windows: EFSRPC Arbitrary File Upload EoP - project-zero:https://bugs.chromium.org/p/project-zero/issues/detail?id=2228
・ Windows EFSRPC 服务任意文件上传本地提权漏洞分析(CVE-2021-43893) – Jett
[Attack] The BlueNoroff cryptocurrency hunt is still on:https://securelist.com/the-bluenoroff-cryptocurrency-hunt-is-still-on/105488/
・ APT 组织 BlueNoroff 近期的关注点是加密货币 – Jett
trailofbits/manticore:https://github.com/trailofbits/manticore
・ Manticore - trailofbits 开源的符号执行工具,用于分析智能合约和二进制文件 – Jett
Audit of the MimbleWimble Integration Inside Litecoin:http://blog.quarkslab.com/audit-of-the-mimblewimble-integration-inside-litecoin.html
・ Litecoin 区块链 MimbleWimble 协议实现的安全性研究 – Jett
Fake dnSpy - 当黑客也不讲伍德:http://paper.seebug.org/1812/
・ Fake dnSpy - 当黑客也不讲伍德. – lanying37
SCTF两道web题的writeup及出题感想:https://tttang.com/archive/1393/
・ SCTF两道web题的writeup及出题感想. – lanying37
CVE-2021-42342 Goahead 环境变量注入漏洞分析:https://bestwing.me/CVE-2021-42342-Goahead.html
・ CVE-2021-42342 Goahead 环境变量注入漏洞分析 – Jett
[Windows] Searching for Deserialization Protection Bypasses in Microsoft Exchange (CVE-2022–21969):@frycos/searching-for-deserialization-protection-bypasses-in-microsoft-exchange-cve-2022-21969-bfa38f63a62d" rel="nofollow" style="box-sizing: border-box; color: rgb(0, 123, 255); text-decoration: none; background-color: transparent;">https://medium.com/@frycos/searching-for-deserialization-protection-bypasses-in-microsoft-exchange-cve-2022-21969-bfa38f63a62d
・ Searching for Deserialization Protection Bypasses in Microsoft Exchange (CVE-2022–21969) – Jett
North Korean APTs Stole ~$400M in Crypto in 2021:https://threatpost.com/north-korea-apts-stole-400m-cryptocurrency/177638/
・ 据报道,2021 年朝鲜 APT 组织 Lazarus 共窃取加密货币 4 亿美金 – Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 微信公众号: 腾讯玄武实验室
+关注
快速开通微博你可以查看更多内容,还可以评论、转发微博。