每日安全动态推送(7-17)
Tencent Security Xuanwu Lab Daily News
• Kdrill: Python tool to check rootkits in Windows kernel:
https://meterpreter.org/kdrill-python-tool-to-check-rootkits-in-windows-kernel/
・ Kdrill是一款用于分析Windows内核的工具,可以检测内核是否被rootkit – SecTodayBot
• CVE-2024-31411: Apache StreamPipes: Potential remote code execution (RCE) via file upload:
https://seclists.org/oss-sec/2024/q3/80
・ Apache StreamPark中的RCE漏洞 – SecTodayBot
• APKscan: Scan for secrets, endpoints, and other sensitive data in Android files:
https://meterpreter.org/apkscan-scan-for-secrets-endpoints-and-other-sensitive-data-in-android-files/
・ APKscan是一款用于在Android文件中扫描和识别敏感数据和漏洞的工具,它提供了自定义规则、多种输出格式等灵活的功能,适用于广泛的Android相关文件,并涉及反向工程和应用程序安全机制分析。 – SecTodayBot
• Hollow Process Injection:
https://www.darkrelay.com/post/demystifying-hollow-process-injection
・ 介绍Hollow进程注入的技术原理和利用方法 – SecTodayBot
• Security's Achilles' Heel: Vulnerable Drivers on the Prowl:
https://www.securityjoes.com/post/security-s-achilles-heel-vulnerable-drivers-on-the-prowl
・ 介绍了BYOVD技术(Bring Your Own Vulnerable Driver)的利用 – SecTodayBot
• MSI’s Massive Security Breach: 600K+ Warranties Exposed:
https://securityonline.info/msis-massive-security-breach-600k-warranties-exposed/
・ 主板制造商MSI和Zotac因为没有正确配置服务器权限而导致大规模安全漏洞,泄露了超过60万用户的详细信息 – SecTodayBot
• Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent:
https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/
・ Havoc C2团队服务器中的未经身份验证的SSRF漏洞 – SecTodayBot
• Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example:
https://github.com/otsmr/blackbox-fuzzing
・ 对TL-WR902AC路由器进行黑盒模糊测试 – SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
