• Behind the Shield: Unmasking Scudo's Defenses:
https://www.synacktiv.com/en/publications/behind-the-shield-unmasking-scudos-defenses
・ Scudo is a general-purpose allocator, designed to be modular and highly configurable, that mitigates heap-based vulnerabilities
– SecTodayBot
• CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so:
https://seclists.org/fulldisclosure/2023/Oct/11
・ CVE-2023-4911: a local privilege escalation vulnerability in the dynamic loader (ld.so) of the GNU C Library (glibc)
– SecTodayBot
• Pegasus spyware and how it exploited a WebP vulnerability:
https://www.malwarebytes.com/blog/news/2023/09/pegasus-spyware-and-how-it-exploited-a-webp-vulnerability
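・ The Pegasus spyware and how it exploited a heap buffer overflow WebP vulnerability in Libwebp, the code library for encoding and decoding images in the WebP format, which other programs (such as web browsers) can use to add WebP support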
– SecTodayBot
• Teasing the secrets from threat actors: malware configuration extractors:
https://bit.ly/3tnplvd
・ Malware configuration protection techniques used by several malware families: TrickBot (TheTrick), IcedID (Bokbot) and Emotet (Geodo), as well as the .NET malware SnakeKeyLogge
– SecTodayBot
• KubeHound: Identifying attack paths in Kubernetes clusters | Datadog Security Labs:
https://securitylabs.datadoghq.com/articles/kubehound-identify-kubernetes-attack-paths/
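・ KubeHound, a toolkit for visualizing attack paths in Kubernetes deployments, shifts the defender's mental model from list-based thinking to graph-based thinking, helping defenders regain the advantage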
– SecTodayBot
• root with a single command: sudo logrotate:
https://joshua.hu/gaining-root-with-logrotate-sudo-ubuntu
・ Gaining root privileges with the sudo logrotate command
– SecTodayBot
• CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center:
https://blog.rapid7.com/2023/10/04/etr-cve-2023-22515-zero-day-privilege-escalation-in-confluence-server-and-data-center/
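・ CVE-2023-22515, a privilege escalation vulnerability affecting on-premises instances of Confluence Server and Confluence Data Center. The vulnerability may allow a regular user account to be elevated to administrator - Confluence allows new users to register without approval, but this feature is disabled by default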
– SecTodayBot
• Overview 🏕️:
https://github.com/deadbits/vigil-llm
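・ Vigil is a Python framework and REST API for assessing large language model (LLM) prompts against a set of scanners to detect prompt injection, jailbreaks and other potentially risky inputs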
– SecTodayBot
• Fugu15 - Rootful Edition:
https://github.com/pinauten/Fugu15_Rootful
・ Fugu15 is a semi-untethered permanent jailbreak for iOS 15
– SecTodayBot
• Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs:
http://blog.quarkslab.com/lets-go-into-the-rabbit-hole-part-1-the-challenges-of-dynamically-hooking-golang-program.html
・ How to hook Golang programs at runtime without recompiling the source code
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab