Pinduoduo - CVE-2023-20963 and a leaked potentially compromised signing key | allinfosecnews.com

March 28, 2023, 5:32 a.m. | /u/digicat

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

tl;dr

Chinese shopping app deployed LPE 0day when distributed via some channels.

Confused situation.. expect more to follow

Analysis

* [https://mp-weixin-qq-com.translate.goog/s/P\_EYQxOEupqdU0BJMRqWsw?\_x\_tr\_sl=auto&\_x\_tr\_tl=en&\_x\_tr\_hl=en-US](https://mp-weixin-qq-com.translate.goog/s/P_EYQxOEupqdU0BJMRqWsw?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US)
* [https://github-com.translate.goog/davinci1012/pinduoduo\_backdoor\_unpacker?\_x\_tr\_sl=ru&\_x\_tr\_tl=en&\_x\_tr\_hl=en&\_x\_tr\_pto=wapp](https://github-com.translate.goog/davinci1012/pinduoduo_backdoor_unpacker?_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp)

News:

[https://arstechnica.com/information-technology/2023/03/android-app-from-china-executed-0-day-exploit-on-millions-of-devices/](https://arstechnica.com/information-technology/2023/03/android-app-from-china-executed-0-day-exploit-on-millions-of-devices/)

0day analysis app blueteamsec chinese compromised cve distributed expect key leaked lpe pinduoduo shopping signing

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

CVE-2024-21111 - Local Privilege Escalation in Oracle VirtualBox 9 hours ago | www.reddit.com

blueteamsec cve cve-2024 escalation +7

How I hacked into Google’s internal corporate assets [tl;dr: dependency confusion] 13 hours ago | www.reddit.com

assets blueteamsec corporate dependency +4

here's my blog on Phishing Email Investigation: A Step-by-Step Analysis 17 hours ago | www.reddit.com

analysis blog blueteamsec email +2

(The) Postman Carries Lots of Secrets - "We estimate over 4,000 live credentials are currently … 20 hours ago | www.reddit.com

blueteamsec cloud credentials live +4

Hunting for a Sliver in a haystack 1 day, 9 hours ago | www.reddit.com

blueteamsec haystack hunting sliver

Nation-State Threat Actors Renew Publications to npm 1 day, 14 hours ago | www.reddit.com

blueteamsec nation npm publications +3

Guidance for Incident Responders 1 day, 17 hours ago | www.reddit.com

blueteamsec guidance incident incident responders

JA4T: TCP Fingerprinting - And How to Use It to Block Over 60% of Internet … 2 days, 6 hours ago | www.reddit.com

block blueteamsec fingerprinting internet +3

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 2 days, 8 hours ago | www.reddit.com

arcanedoor blueteamsec campaign devices +6

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India

View on infosec-jobs.com

Oracle EBS DevSecOps Developer

@ Accenture Federal Services | Arlington, VA

View on infosec-jobs.com

Information Security GRC Specialist - Risk Program Lead

@ Western Digital | Irvine, CA, United States

View on infosec-jobs.com

Senior Cyber Operations Planner (15.09)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

AI Cybersecurity Architect

@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)

View on infosec-jobs.com