长亭百川云 - 文章详情

每日安全动态推送(7-30)

腾讯玄武实验室

56

2024-08-08

Tencent Security Xuanwu Lab Daily News

• ESXi Security-hardening | change the default “ESX Admins” AD group:
https://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group/

   ・ 通过更改默认AD组来保护ESXi主机的新方法,使用了GUI和PowerCLi – SecTodayBot

• Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard Labs:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

   ・ 分析了Microsoft Windows SmartScreen中的安全绕过漏洞CVE-2024-21412以及黑客利用该漏洞的攻击技术 – SecTodayBot

• VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns:
https://blog.rapid7.com/2024/07/30/vmware-esxi-cve-2024-37085-targeted-in-ransomware-campaigns/

   ・ 微软关于影响 VMware ESXi hypervisors 的 CVE-2024-37085 漏洞的威胁情报,包括漏洞的详细分析、利用方法和缓解指南。 – SecTodayBot

• Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails:
https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html

   ・ 一起利用电子邮件路由错误配置进行网络钓鱼的新型威胁,揭示了Proofpoint服务器漏洞的详细分析和根本原因。 – SecTodayBot

• ImageMagick AppImage Vulnerability Opens Door to Arbitrary Code Execution:
https://securityonline.info/imagemagick-appimage-vulnerability-opens-door-to-arbitrary-code-execution/

   ・ ImageMagick的AppImage版本存在漏洞,可能导致远程代码执行 – SecTodayBot

• Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port:
https://posts.specterops.io/hands-in-the-cookie-jar-dumping-cookies-with-chromiums-remote-debugger-port-34c4f468844e

   ・ 一种从Chromium浏览器中窃取Cookie的技术,通过启动Chrome的远程调试端口绕过加密以及利用Chrome解密Cookie。 – SecTodayBot

• RADIUS Protocol Vulnerability Impacted Multiple Cisco Products:
https://cybersecuritynews.com/radius-protocol-vulnerability-cisco/

   ・ 披露了RADIUS协议的关键漏洞,影响到思科等多个知名软件产品 – SecTodayBot

• Unveiling the latest banking trojan threats in LATAM:
https://securityintelligence.com/posts/unveiling-latest-banking-trojan-threats-latam/

   ・ IBM Security Lab在拉丁美洲地区观察到的恶意Chrome扩展相关的活动激增,以及CyberCartel团伙利用Web注入和浏览器中间人攻击等先进技术,针对拉丁美洲金融机构的攻击手法进行了详细分析。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab

相关推荐
关注或联系我们
添加百川云公众号,移动管理云安全产品
咨询热线:
4000-327-707
百川公众号
百川公众号
百川云客服
百川云客服

Copyright ©2024 北京长亭科技有限公司
icon
京ICP备 2024055124号-2