每日安全动态推送(6-17)

Tencent Security Xuanwu Lab Daily News

• GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in RubyGems.org - CVE-2024-35221:
https://securitylab.github.com/advisories/GHSL-2024-001_GHSL-2024-003_rubygems_org/

   ・ RubyGems.org远程DoS漏洞和潜在的身份验证绕过漏洞。 – SecTodayBot

• NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!):
https://dlvr.it/T8MPxq

   ・ 介绍了一种名为NativeDump的工具，它使用本机API来转储lsass进程，不涉及新漏洞信息，而是讨论了使用本机API转储lsass进程的功能和用法。 – SecTodayBot

• poutine: Find Supply Chain Vulnerabilities Fast:
https://meterpreter.org/poutine-find-supply-chain-vulnerabilities-fast/

   ・ poutine是一款安全扫描工具，可用于检测存储库构建流水线中的错误配置和漏洞 – SecTodayBot

• GitHub - sigstore/model-transparency: Supply chain security for ML:
https://github.com/sigstore/model-transparency

   ・ Supply chain security for ML。专注于机器学习pipeline的安全性，提供与确保机器学习模型的完整性和来源相关的实用程序和示例。 – SecTodayBot

• Working as Intended: The Unauditable, Unmanageable Keys in Google Cloud by Kat Traxler:
https://www.vectra.ai/blog/working-as-intended-the-unauditable-unmanageable-keys-in-google-cloud

   ・ Google Cloud HMAC Keys存在三个漏洞，包括日志记录不足、长期凭证难以管理和长期凭证无法审计。 – SecTodayBot

• stack frames size in DWARF:
https://redplait.blogspot.com/2024/06/stack-frames-size-in-dwarf.html

   ・ 围绕内核中的堆栈大小以及从DWARF调试信息中提取堆栈帧大小展开讨论 – SecTodayBot

• PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows):
https://dlvr.it/T8GZvX

   ・ 揭示了PHP存在的一个远程代码执行漏洞(CVE-2024-4577)，并提供了利用该漏洞的利用脚本。 – SecTodayBot

• Malcolm: Powerful, easily deployable network traffic analysis tool suite:
https://meterpreter.org/malcolm-powerful-easily-deployable-network-traffic-analysis-tool-suite/

   ・ Malcolm是一个强大的网络流量分析工具套件，旨在提供易于部署的解决方案，支持全数据包捕获文件（PCAP）和Zeek（以前称为Bro）日志，并具有强大的流量分析和安全通信功能。 – SecTodayBot

• CVE-2024-20693: Windows cached code signature manipulation:
https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation/

   ・ 介绍了Windows中的一个新漏洞CVE-2024-20693，该漏洞允许操纵可执行文件或DLL的缓存签名签名级别。 – SecTodayBot

• CVE-2024-26229 Beacon Object Files:
https://github.com/NVISOsecurity/CVE-2024-26229-BOF

   ・ 对Cobalt Strike和BruteRatel的Beacon Object File（BOF）漏洞利用实现 – SecTodayBot

• Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces – Horizon3.ai:
https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/

   ・ 披露了AI公司Hugging Face平台中的潜在漏洞和漏洞，对Gradio框架中的漏洞CVE-2023-51449和CVE-2024-1561进行了详细分析。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab