长亭百川云 - 文章详情

每日安全动态推送(6-14)

腾讯玄武实验室

76

2024-07-13

Tencent Security Xuanwu Lab Daily News

• Introducing YetiHunter: An open-source tool to detect and hunt for suspicious activity in Snowflake:
https://permiso.io/blog/introducing-yetihunter-an-open-source-tool-to-detect-and-hunt-for-suspicious-activity-in-snowflake

   ・ YetiHunter是一款用于检测和追踪Snowflake中可疑活动的开源工具,提供了Snowflake受到攻击的详细分析和介绍 – SecTodayBot

• FortiOS Vulnerability Let Attackers Execute Unauthorized Commands:
https://cybersecuritynews.com/fortios-vulnerability-unauthorized-commands/

   ・ 披露了FortiOS命令行解释器中的多个基于堆栈的缓冲区溢出漏洞(CVE-2024-23110) – SecTodayBot

• Driving forward in Android drivers:
https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html

   ・ 讨论了对安卓设备驱动程序的安全研究,重点探讨了发现和研究这些驱动程序的新方法。 – SecTodayBot

• ChatGPT Account Takeover - Wildcard Web Cache Deception:
https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html

   ・ 介绍了一种新的利用路径遍历URL解析混淆来实现“通配符”缓存欺骗漏洞的方法,揭示了ChatGPT中的新漏洞 – SecTodayBot

• Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution:
https://packetstormsecurity.com/files/179083

   ・ Rejetto HTTP File Server (HFS) version 2.x存在未经身份验证的服务器端模板注入(SSTI)漏洞,攻击者可以利用该漏洞执行代码并以运行HFS.exe服务器进程的用户帐户权限运行。 – SecTodayBot

• What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 2):
https://labs.jumpsec.com/whats-in-a-name-writing-custom-dns-tunnelling-protocol-exploiting-unexpected-aws-lambda-misconfiguration-in-a-web-app-pen-test-part-2/

   ・ 在网络应用渗透测试中利用AWS Lambda功能进行远程代码执行和数据泄露的过程。 – SecTodayBot

• 2/6 | Exposing Malicious Extensions: Shocking Statistics from the VS Code Marketplace:
https://medium.com/@amitassaraf/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f

   ・ VSCode扩展市场存在大量恶意和高风险的扩展,其中一些包含已知的恶意依赖项,尝试读取主机系统上的文件,与硬编码的IP地址通信,运行未知的可执行文件或DLL,并包含硬编码的秘密信息。 – SecTodayBot

• oss-security - Re: Security vulnerability in fprintd:
https://www.openwall.com/lists/oss-security/2024/06/13/2

   ・ 介绍了fprintd软件中的安全漏洞,详细分析了漏洞的根本原因,讨论了与sudo的PAM模块交互以及潜在的安全问题。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab

相关推荐
关注或联系我们
添加百川云公众号,移动管理云安全产品
咨询热线:
4000-327-707
百川公众号
百川公众号
百川云客服
百川云客服

Copyright ©2024 北京长亭科技有限公司
icon
京ICP备 2024055124号-2