Daily Security News Push (12-12)
2023-12-12 11:48:39 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Buildroot: Talos download hash verification vulnerabilities:
https://seclists.org/oss-sec/2023/q4/266

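   ・ Buildroot recently disclosed vulnerability information concerning hash verification; the article analyzes the root cause of the vulnerabilities in detail and introduces new methods and tools for handling download hashes and custom package locations. – SecTodayBot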

• Critical Bluetooth flaw could take over Android, Apple, Linux devices:
https://packetstormsecurity.com/news/view/35283

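   ・ Discloses a critical Bluetooth security vulnerability that lay dormant for years; detailed vulnerability information and exploit scripts will be published at an upcoming conference. The root cause of the vulnerability is analyzed in detail; it relates to well-known operating systems and includes remote code execution. – SecTodayBot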

• Unmasking the Enigma: A Historical Dive into the World of PlugX Malware:
https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html

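   ・ The article explains in detail PlugX DAT payload extraction, CFG decryption, analysis and related topics, and introduces a Python tool for threat analysis. The tool automates the extraction process and simplifies investigation, helping security professionals dissect and understand this threat more effectively. – SecTodayBot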

• ProxyShell (CVE-2021-34473):
https://github.com/kh4sh3i/ProxyShell

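   ・ Introduces the CVE-2021-34473 vulnerability, including a nuclei scanner and the ProxyShell.py script. It also publishes the information that Orange Tsai discovered the vulnerability at Pwn2Own. – SecTodayBot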

• Finding LogoFAIL: The Dangers of Image Parsing During System Boot:
https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html

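   ・ An in-depth investigation and disclosure of vulnerabilities in the image parsing components of UEFI firmware, revealing the impact of these vulnerabilities on the entire UEFI firmware industry. – SecTodayBot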

• Bypassing major EDRs using Pool Party process injection techniques:
https://securityaffairs.com/155464/hacking/pool-party-bypassing-edr.html

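   ・ Introduces a new process injection technique that bypasses EDR solutions; the attack vector was discovered by exploiting the Windows thread pool. The technique was demonstrated at Black Hat Europe 2023 and successfully bypassed detection by five mainstream EDR solutions. – SecTodayBot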

• What is Loader Lock?:
https://elliotonsecurity.com/what-is-loader-lock/

   ・ Focuses on DLLs and the impact of the loader lock in Windows, analyzes the system in detail, and covers the use and impact of the loader lock. – SecTodayBot

• GitHub - cqr-cryeye-forks/goby-pocs: List of pocs for goby:
https://github.com/cqr-cryeye-forks/goby-pocs

   ・ Provides a list of POCs for the Goby tool – SecTodayBot

• Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates | Akamai:
https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp

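   ・ Discloses a new attack against Active Directory domains that use Microsoft DHCP servers. The attack can allow an attacker to spoof sensitive DNS records, potentially leading to anything from credential theft to full Active Directory domain compromise. – SecTodayBot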

• Some pocsuite3 scripts:
https://github.com/wuerror/pocsuite3_pocs

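   ・ Introduces various POC scripts related to network security testing and exploitation, including ShiroAttack2, cve_2022_0540, jira越权 (Jira authorization bypass), shiziyuCMS_sqli, drupal7_geddon2 and http_request_smuggling_script. – SecTodayBot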

• New payload to exploit Error-based SQL injection - Oracle database:
https://www.mannulinux.org/2023/12/New-payload-to-exploit-Error-based-SQL-injection-Oracle-database.html

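   ・ Introduces a detailed analysis and exploitation method for error-based SQL injection attacks against Oracle and PostgreSQL databases using the XDBURITYPE() function – SecTodayBot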

• [Cracking Windows Kernel with HEVD] Chapter 4: How do we write a shellcode to elevate privileges and gracefully return to userland?:
https://mdanilor.github.io/posts/hevd-4/

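   ・ Focuses on the technical principles of Windows privilege escalation, including how to write shellcode to elevate privileges and gracefully return to userland. The article analyzes the Windows privilege mechanism in detail, as well as the challenges of restoring the stack and registers after privilege escalation. – SecTodayBot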

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959458&idx=1&sn=a5aca24336237f3932fd758d51a17db6&chksm=8baed03dbcd9592b5efc865e05b8275c69c96da5cef5bc0dca6316c276db94b4e5f7bbe0f106&scene=58&subscene=0#rd