每日安全动态推送(03-24)

玄武实验室实习生招聘已启动，具体岗位及简历投递方式请查看《腾讯安全玄武实验室 2021 实习生招募令 》。

欢迎各位同学投递！

Tencent Security Xuanwu Lab Daily News

• 眼见不一定为实：对电子邮件伪造攻击的大规模分析:
https://mp.weixin.qq.com/s/RPz_1kKuq5–IANwT_Qvvg

   ・ 眼见不一定为实：对电子邮件伪造攻击的大规模分析 – Jett

• Stealing arbitrary GitHub Actions secrets:
https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html

   ・ Stealing arbitrary GitHub Actions secrets – Jett

• Speculating The Entire X86-64 Instruction Set In Seconds With This One Weird Trick:
https://blog.can.ac/2021/03/22/speculating-x86-64-isa-with-one-weird-trick/

   ・ 利用侧信道的方式推测出整个 X86-64 指令集 – Jett

• Accellion Supply Chain Hack:
https://www.schneier.com/blog/archives/2021/03/accellion-supply-chain-hack.html

   ・ 文件传输软件 Accellion 被用于攻击新西兰中央银行 – Jett

• [Conference] PancakesCon – YouTube:
https://www.youtube.com/channel/UCAnBQGSBDlEbq11dkAreUGg

   ・ PancakesCon 安全会议视频公开了 – Jett

• A Year in the Life of a Compiler Fuzzing Campaign:
https://blog.trailofbits.com/2021/03/23/a-year-in-the-life-of-a-compiler-fuzzing-campaign/

   ・ Trail of Bits 对区块链 Compiler 的 Fuzz – Jett

• 黑客组织 Kek Security:
https://paper.seebug.org/1520/

   ・ 针对黑客组织 Kek Security的恶意软件溯源。 – lanying37

• QEMU Heap Overflow in SDHCI Component:
https://starlabs.sg/advisories/21-3409/

   ・ QEMU Heap Overflow in SDHCI Component – Jett

• RemRAT：潜伏在中东多年的Android间谍软件:
https://blogs.360.cn/post/analysis-of-RemRAT.html

   ・ RemRAT：潜伏在中东多年的Android间谍软件 – Jett

• EDRs:
https://github.com/Mr-Un1k0d3r/EDRs

   ・ 有研究员整理的各个 EDR 防护软件在各个模块的 Hook API 列表 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab