Daily Security News Push (1-23)
2024-1-23 14:54:26 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Linux 5.6 io_uring Cred Refcount Overflow:
https://packetstormsecurity.com/files/176649

   ・ Linux versions 5.6 and later have a cred refcount overflow vulnerability that may be triggered through io_uring when handling roughly 39 GB of memory usage. – SecTodayBot

• ADCSync - Use ESC1 To Perform A Makeshift DCSync And Dump Hashes:
http://dlvr.it/T1bZ4Y

   ・ ADCSync is a new tool for carrying out DCSync-like attacks in Active Directory environments, using ESC1 to dump the NTLM hashes of user accounts. – SecTodayBot

• Behind the Scenes of Pwn2Own Automotive - Updating AGL #shorts:
https://youtube.com/shorts/2BsbZOb6X6s

   ・ Pwn2Own Automotive is a well-known automotive cybersecurity competition; this piece covers what goes on behind the scenes of the contest. – SecTodayBot

• An introduction to reverse engineering .NET AOT applications:
https://harfanglab.io/en/insidethelab/reverse-engineering-ida-pro-aot-net/

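   ・ The article covers a report on the activity of DuckTail, a cybercrime group from Vietnam, and their use of the new AOT (ahead-of-time) compilation feature in .NET programs. AOT compilation is a challenge for reverse engineers; the article explains how to identify .NET AOT binaries and the steps for setting up AOT for a test project. – SecTodayBot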

• Insomni'hack 2024 CTF Teaser - Cache Cache:
https://itm4n.github.io/insomnihack-2024-cache-cache/

   ・ Discusses the author's process of creating a CTF challenge and reverse engineering a Windows RPC server. – SecTodayBot

• 0xsha/EVMProxyInspect: Multi-Chain EVM Proxy Detection Tool:
https://github.com/0xsha/EVMProxyInspect

   ・ Introduces a new security testing tool, a Multi-Chain EVM proxy detection tool. – SecTodayBot

• Accepting a calendar invite in Outlook could leak your password:
https://www.scmagazine.com/news/accepting-a-calendar-invite-in-outlook-could-leak-your-password

   ・ Microsoft Outlook has a vulnerability that leaks hashed passwords through malicious calendar invites. – SecTodayBot

• CVE-2023-50643: Evernote Remote Code Execution Flaw, PoC Published:
https://securityonline.info/cve-2023-50643-evernote-remote-code-execution-flaw-poc-published/

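   ・ Evernote for MacOS has a critical remote code execution vulnerability (CVE-2023-50643); the flaw originates in the Electron development framework and may allow a malicious attacker to execute arbitrary code. – SecTodayBot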

• A Stealthy Godzilla Webshell: A New Threat Targeting Apache ActiveMQ:
https://securityonline.info/a-stealthy-godzilla-webshell-a-new-threat-targeting-apache-activemq/

   ・ Apache ActiveMQ software is affected by the CVE-2023-46604 vulnerability, which can allow malicious attackers to use the Godzilla Webshell for unauthorized access and control. – SecTodayBot

• How Threat Actors Leveraged HAR Files To Attack Okta’s Customers:
https://www.rezonate.io/blog/har-files-attack-okta-customers

   ・ Covers the Okta security breach incident and how attackers used HAR files to carry out the attack. – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959511&idx=1&sn=b4e0520f9545d664cb1858552976cd01&chksm=8baed048bcd9595e9d06de64235c91e7b561aa8f6b2b6a03299c6118a9fe7da2123ba81606f4&scene=58&subscene=0#rd