Daily Security News Push (10-25)
2023-10-25 15:11:43 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365:
https://www.blackhillsinfosec.com/introducing-graphrunner/

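   ・ GraphRunner is a post-exploitation toolset that interacts with the Microsoft Graph API, providing various tools for performing reconnaissance, persistence, and obtaining data from Microsoft Entra ID (Azure AD) accounts. – SecTodayBot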

• Grand Theft Auto – RF Locks Hacking Flipper-Zero Edition Part 1:
https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking.html

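   ・ This article shares a journey of getting started with RF lock systems using the Flipper-Zero and other RF hacking tools, in the hope that each case study helps people better understand the tools needed for RF lock hacking. – SecTodayBot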

• Numbers turned weapons: DoS in Osmosis’ math library:
https://blog.trailofbits.com/2023/10/23/numbers-turned-weapons-dos-in-osmosis-math-library/

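   ・ A vulnerability in the Osmosis chain allowed an attacker to tie up the compute time of Osmosis nodes by sending specific transactions, causing the chain to halt. The Osmosis developers fixed the vulnerability with a hard fork, preventing the attack from taking place. – SecTodayBot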

• Perfect DLL Hijacking:
https://elliotonsecurity.com/perfect-dll-hijacking/

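   ・ This article describes how to bypass Loader Lock and disable it entirely, along with some stable mitigation and detection mechanisms to prevent DLL hijacking. – SecTodayBot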

• VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs:
https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/

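   ・ Technical details of CVE-2023-34051, a VMware authentication bypass vulnerability that allows remote code execution with root privileges. An attacker only needs to spoof an IP address and use the previous attack to exploit this vulnerability. – SecTodayBot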

• Windows tokens: how to compromise a Active Directory without touching LSASS:
https://blog.whiteflag.io/blog/exploiting-windows-tokens/

   ・ How to compromise Windows AD without using LSASS – SecTodayBot

• AMD Radeon™ Graphics Kernel Driver Privilege Management Vulnerability:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-6009.html

   ・ A potential vulnerability exists in the AMD Radeon™ Software kernel driver (pdfwkrnl.sys) that may lead to arbitrary code execution. – SecTodayBot

• Translucent Kernel Memory Access from Usermode:
https://www.themalwareman.com/Translucent-Kernel-Memory-Access/

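   ・ By abusing a vulnerable driver with a valid signature, we can load an already-signed driver and obtain kernel memory primitives (such as read/write/allocate), thereby achieving the goal of transparent kernel memory access from user mode. – SecTodayBot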

• JWT Penetration Techniques in One Article:
https://paper.seebug.org/3057/

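   ・ JWT basic concepts, structure, and how it works, as well as how to perform signature verification and defend against vulnerabilities. – SecTodayBot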

• README.md:
https://github.com/evilsocket/legba

   ・ Legba is a multi-protocol credential brute-forcing/password spraying and enumeration tool built with Rust and the Tokio asynchronous runtime – SecTodayBot

* To view or search previously pushed content, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959398&idx=1&sn=18d700cb2aa4438b22fb6fa5ad1276c5&chksm=8baed0f9bcd959ef8b03db8a2cb6723890d32e45f36214eb63402019d5000f43a1db002eb6c4&scene=58&subscene=0#rd