每日安全动态推送(6-26)
Tencent Security Xuanwu Lab Daily News
• Hacking for Defenders: approaches to DARPA’s AI Cyber Challenge:
https://security.googleblog.com/2024/06/hacking-for-defenders-approaches-to.html
・ 介绍了谷歌的OSS-Fuzz和安全工程团队参与设计AI Cyber Challenge,讨论了AI在保护开源项目和基础设施方面的应用。 – SecTodayBot
• Reverse Engineering eBPF Programs: A Deep Dive:
https://www.armosec.io/blog/ebpf-reverse-engineering-programs/
・ 介绍了eBPF技术在增强Kubernetes安全性方面的重要性,深入剖析了eBPF的内部工作机制和用法。 – SecTodayBot
• Wyze Cam v3 Urgent Update: Critical Vulnerability Grants Hackers Full Control:
https://securityonline.info/wyze-cam-v3-urgent-update-critical-vulnerability-grants-hackers-full-control/
・ 智能家居安全摄像头Wyze Cam v3存在多个严重漏洞,可被攻击者利用 – SecTodayBot
• IPC Fuzzing with Snapshots:
https://blog.mozilla.org/attack-and-defense/2024/06/24/ipc-fuzzing-with-snapshots/
・ 介绍了一种新的模糊测试方法——快照模糊测试,通过快照技术实现高效的模糊测试,解决了重新启动浏览器导致的性能问题。 – SecTodayBot
• New attack uses MSC files and Windows XSS flaw to breach networks:
https://www.bleepingcomputer.com/news/security/new-attack-uses-msc-files-and-windows-xss-flaw-to-breach-networks/
・ 利用特制的MSC文件和未修补的Windows XSS漏洞来执行代码,通过Microsoft Management Console部署Cobalt Strike – SecTodayBot
• Emulation with Qiling - LRQA Nettitude Labs:
https://labs.nettitude.com/blog/emulation-with-qiling/
・ 介绍了Qiling仿真框架及其在从路由器中仿真HTTP服务器二进制文件中的应用。 – SecTodayBot
• Researcher Unveils PoC for Windows Bluetooth Service RCE Vulnerability:
https://securityonline.info/researcher-unveils-poc-for-windows-bluetooth-service-rce-vulnerability/
・ 揭示了Windows蓝牙低功耗库中的一个高危漏洞,该漏洞可导致远程代码执行和本地权限提升攻击。研究人员公布了漏洞的技术细节和利用代码。 – SecTodayBot
• HTML entities that create ASCII characters inside a JavaScript URL - Shazzer:
https://shazzer.co.uk/vectors/667b4120d631543fa1c420a5
・ 讨论了一种使用HTML实体在JavaScript URL中进行模糊测试的新方法 – SecTodayBot
• Bludit CMS Faces Critical Security Vulnerabilities: RCE and More, No Patch Available:
https://securityonline.info/bludit-cms-faces-critical-security-vulnerabilities-rce-and-more-no-patch-available/
・ Bludit CMS面临严重的安全漏洞,包括远程代码执行等多个漏洞,暂无官方补丁。 – SecTodayBot
• Amnesiac: The PowerShell Post-Exploit Framework for Stealthy Lateral Movement:
https://meterpreter.org/amnesiac-the-powershell-post-exploit-framework-for-stealthy-lateral-movement/
・ 用于在活动目录环境中进行横向移动的后渗透框架。它具有通过命名管道进行命令执行、无需安装、用户友好界面和多功能的后渗透模块等特点。 – SecTodayBot
• Multiple TCC bypasses via SQLite environment variables:
https://wojciechregula.blog/post/multiple-tcc-bypasses-via-sqlite-env-vars/
・ 介绍了在Black Hat Europe 2022大会上披露的MacOS隐私机制漏洞,深入分析了漏洞的根本原因 – SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab
