Tencent Security Xuanwu Lab Daily News

• I'm Building a Self-Destructing USB Drive:
https://interruptlabs.ca/2022/07/29/I-m-Building-a-Self-Destructing-USB-Drive/

   ・ 制作可自毁的U盘 – WireFish

• [BugTales] REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB:
https://labs.taszk.io/articles/post/reunzip/

   ・ 利用华为SD-Update模式的检测和使用时间不一致，替换更新数据包，绕过签名验证，获取root权限。 – P4nda

• Spam and phishing in 2022:
https://kas.pr/9ir7

   ・ 卡巴斯基 2022 年的垃圾邮件和钓鱼监测报告。包含2022年钓鱼邮件相关数据，图表，钓鱼手段，邮件样例等。 – ThomasonZhao

• [Browser] The new Bing & Edge – Learning from our first week:
https://blogs.bing.com/search/february-2023/The-new-Bing-Edge-–-Learning-from-our-first-week/

   ・ 微软关于new bing的一周总结。 – Atum

• Dissecting the Vulnerabilities - A Comprehensive Teardown of acmailer's N-Days:
https://starlabs.sg/blog/2023/02-dissecting-the-vulnerabilities-a-comprehensive-teardown-of-acmailer/

   ・ 深入剖析acmailer的两个nday漏洞-CVE-2021-20617 & CVE-2021-20618 – crazyman

• Citrix CVE-2022-27518 漏洞分析:
https://paper.seebug.org/2049/

   ・ Citrix CVE-2022-27518 漏洞分析 – lanying37

• [Tools] Blue Hat 2023 and UEFI Secure Boot:
http://vzimmer.blogspot.com/2023/02/blue-hat-2023-and-uefi-secure-boot.html

   ・ Blue Hat 2023，作者介绍了由其中一个 UEFI Secure Boot 演讲所引发出的思考和回顾。 – WireFish

• [Windows] EoP via Arbitrary File Write/Overwite in Group Policy Client “gpsvc” – CVE-2022-37955:
http://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955/

   ・ Windows本地提权漏洞（CVE-2022-37955）细节，配置了文件首选项域组策略的用户可以通过符号链接以system权限造成任意文件覆盖，从而导致提权。 – P4nda

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab