• *nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 2 of 2:
https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/
・ Reveals two security vulnerabilities in X.Org libX11 and analyzes in detail the root cause and exploitation of CVE-2023-43787.
– SecTodayBot
• A Look into PlugX Kernel driver:
https://mahmoudzohdy.github.io/posts/re/plugx/
・ Discusses a detailed analysis of the signed kernel driver used in recent PlugX attacks.
– SecTodayBot
• Analysis of Microsoft Streaming Agent Privilege Elevation Vulnerability - CVE-2023-36802:
https://dev.to/tutorialboy/analysis-of-microsoft-streaming-agent-privilege-elevation-vulnerability-cve-2023-36802-757
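・ The implementation process of an in-the-wild case analyzed by Google Project Zero, with a detailed analysis of the root cause of the vulnerability in the mskssrv.sys driver, covering a new method of communicating with the driver.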
– SecTodayBot
• Google Kubernetes Clusters Suffer Widespread Exposure to External Attackers:
https://www.darkreading.com/cloud-security/anyone-with-google-account-can-hack-misconfigured-kubernetes-clusters
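・ Google Kubernetes Engine (GKE) has a vulnerability stemming from a misunderstanding of permissions, which may allow external attackers to access organizations' private Kubernetes container clusters.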
– SecTodayBot
• Why Polish hackers broke into trains:
https://kas.pr/17d7
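・ Describes how Polish hackers broke into a train's digital rights management system and found that the manufacturer had embedded malicious mechanisms in the code. Shows that malicious implants can exist in the most unexpected places, and stresses that any project should undergo at least an information security review.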
– SecTodayBot
• D-Link DAP-1650 gena.cgi SUBSCRIBE Command Injection Vulnerability:
https://blog.exodusintel.com/2024/01/25/d-link-dap-1650-gena-cgi-subscribe-command-injection-vulnerability/
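・ A command injection vulnerability in the D-Link DAP-1650 device that may allow an unauthenticated attacker to execute commands on the device with root privileges.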
– SecTodayBot
• SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution:
https://ssd-disclosure.com/ssd-advisory-zyxel-vpn-series-pre-auth-remote-command-execution/
・ A new vulnerability in Zyxel VPN firewalls.
– SecTodayBot
• Ubuntu Security Notice USN-6598-1:
https://packetstormsecurity.com/files/176716
・ The SSH protocol and the Paramiko library are vulnerable to a prefix truncation attack.
– SecTodayBot
• Highlights from Pwn2Own Automotive Day 2 - NCC Group vs Alpine #shorts #pwn2own:
https://youtube.com/shorts/TISQ8CvNHHE
・ Presents highlights from day two of the Pwn2Own competition, in which NCC Group took on Alpine.
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab