Daily Security News Push (12-26)
2023-12-26 11:59:37 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• PySQLRecon - Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon:
http://dlvr.it/T0M9n6

   ・ An MSSQL attack toolkit written in Python that can be used for database penetration testing. – SecTodayBot

• Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 2:
https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-two

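   ・ Describes how a vulnerability in Outlook can be exploited to achieve remote code execution, and analyzes in detail the vulnerabilities and attack surface of audio file parsing in Windows. – SecTodayBot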

• A detailed analysis of the Menorah malware used by APT34:
https://securityscorecard.com/research/menorah-malware-apt34/

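   ・ A detailed analysis of how the Menorah malware operates and behaves, including creating a mutex to ensure a single running instance, extracting the hostname and username and computing a hash that identifies the infected machine, and carrying out various command operations. – SecTodayBot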

• Decoding the Web Injection Malware Campaign of 2023:
https://securityonline.info/decoding-the-web-injection-malware-campaign-of-2023/

   ・ An in-depth analysis of the 2023 web injection malware campaign. – SecTodayBot

• Windows CLFS and five exploits used by ransomware operators:
https://securelist.com/windows-clfs-exploits-ransomware/111560/

   ・ Two vulnerabilities in the Windows Common Log File System (CLFS), CVE-2022-35803 and CVE-2022-37969, with a detailed analysis of their root causes and exploitation methods. – SecTodayBot

• Shedding light on Fighting Ursa.:
https://bit.ly/46ZPo9W

   ・ The latest threat intelligence research from Palo Alto Networks Unit 42 on Fighting Ursa (also known as APT28), revealing how the group used the Microsoft Outlook vulnerability (CVE-2023-23397) in attacks. – SecTodayBot

• Mayhem: Targeted Corruption of Register and Stack Variables:
https://seclists.org/oss-sec/2023/q4/309

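   ・ Describes a potential vulnerability that may affect the execution flow of secure code, and the potential weaknesses of related software. – SecTodayBot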

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室 (Tencent Xuanwu Lab)
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959476&idx=1&sn=ba4382235b166db8d1c19e49716f7293&chksm=8baed02bbcd9593d64f7f3e6a2e37d4c3254fe930db40e4fdf53bbc546bc622d83f405e6fa95&scene=58&subscene=0#rd