Tencent Security Xuanwu Lab Daily News
https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html
・ 详细分析了Lazarus发布的恶意Python软件包
– SecTodayBot
• WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting:
https://packetstormsecurity.com/files/177361
・ 披露了WordPress IDonate插件1.8.1及以下版本存在的持久性跨站脚本漏洞,同时提供了利用该漏洞的POC。
– SecTodayBot
• Notepad.exe Will Snitch On You (full coding project):
https://www.youtube.com/watch?v=zSSBbv2fc2s
・ 提到了Notepad.exe可能存在的安全风险
– SecTodayBot
• SMM isolation - SMI deprivileging (ISRD):
https://tandasat.github.io/blog/2024/02/29/ISRD.html
・ 深入分析了英特尔平台上系统管理模式(SMM)隔离的内部工作原理,重点介绍了Intel System Resources Defense (ISRD) 和 SMI deprivileging。
– SecTodayBot
• Mail in the Middle – A tool to automate spear phishing campaigns:
https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/
・ 介绍了一种名为Mail-in-the-Middle (Maitm)的新安全工具,用于拦截和篡改电子邮件
– SecTodayBot
• Re: CVE-2024-22857: Heap Based Buffer overflow in zlog library:
https://seclists.org/oss-sec/2024/q1/179
・ 介绍了 zlog 库中的一个新漏洞(CVE-2024-22857)
– SecTodayBot
• DOM Clobbering Wiki:
https://domclob.xyz/domc_wiki/techniques/
・ 介绍了DOM Clobbering攻击技术,讨论了攻击者如何操纵安全敏感变量和内置浏览器API的值。
– SecTodayBot
• How to Track Realtime Location of ANY Telegram User — 2 Methods:
https://x-it.medium.com/how-to-track-realtime-location-of-any-telegram-user-2-methods-ec09d873b839
・ 介绍了两种追踪Telegram用户实时位置的方法
– SecTodayBot
• Remote Code Execution in Apache Dolphinscheduler(CVE-2023-49109) - 先知社区:
https://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx
・ 针对Apache Dolphinscheduler 中存在远程代码执行漏洞分析 (CVE-2023-49109)
– lanying37
• VoltSchemer: attacks on wireless chargers through the power supply | Kaspersky official blog:
https://kas.pr/a192
・ 介绍了来自佛罗里达大学的研究人员对使用Qi无线充电器进行攻击的研究
– SecTodayBot
• Read In This Article:
https://hadess.io/web-llm-attacks/
・ 文章重点讨论了LLMs整合所带来的安全挑战和防御策略,涉及了输出处理不安全、提示注入、训练数据污染等方面的漏洞。
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab