Tencent Security Xuanwu Lab Daily News

• PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers:
https://cert.vde.com/en/advisories/VDE-2024-011/

   ・ 披露了CHARX SEC充电控制器固件中的多个漏洞 – SecTodayBot

• Under the Hood of SnakeKeylogger: Analyzing its Loader and its Tactics, Techniques, and Procedures:
https://www.splunk.com/en_us/blog/security/under-the-hood-of-snakekeylogger-analyzing-its-loader-and-its-tactics-techniques-and-procedures.html

   ・ 深入分析了2020年11月出现的重大威胁——Snake Keylogger的威胁性和多面手的数据窃取方法，以及其使用的加载程序来混淆其代码 – SecTodayBot

• RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage:
https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html

   ・ 俄语黑客组织RedCurl利用Microsoft Windows组件执行恶意指令的行为，并详细分析了其使用的策略。 – SecTodayBot

• Google-Dorks-Bug-Bounty - A List Of Google Dorks For Bug Bounty, Web Application Security, And Pentesting:
https://dlvr.it/T43cg2

   ・ 主要介绍了Google Dorks用于Bug Bounty、Web应用程序安全和渗透测试的列表 – SecTodayBot

• Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover:
https://thehackernews.com/2024/03/researchers-detail-kubernetes.html

   ・ Kubernetes存在严重漏洞，攻击者可以利用该漏洞在特定情况下实现远程代码执行，影响所有Windows节点。漏洞的根本原因是不安全的函数调用和缺乏用户输入的净化。攻击者可以利用'&'命令分隔符来利用漏洞. – SecTodayBot

• CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign:
https://research.trendmicro.com/4c7tw0d

   ・ DarkGate运营者利用Microsoft Windows SmartScreen漏洞进行零日攻击 – SecTodayBot

• A patched Windows attack surface is still exploitable:
https://securelist.com/windows-vulnerabilities/112232/?reseller=gb_kdaily-blog_acq_ona_smm___b2c_some_sma_sm-team______&utm_source=twitter&utm_medium=social&utm_campaign=gl_kdaily-blog_ag0241&utm_content=sm-post&utm_term=gl_twitter_organic_kiawdfrcjunv241

   ・ 自2015年以来影响Windows的一类漏洞的内核补丁。文章详细分析了漏洞的根本原因，包括利用这些漏洞的利用和POC。 – SecTodayBot

• JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE):
https://dlvr.it/T42ZZz

   ・ JetBrains TeamCity 2023.05.3存在远程代码执行漏洞，使攻击者可以利用此漏洞创建管理员用户。 – SecTodayBot

• oss-security - CVE-2024-23944: Apache ZooKeeper: Information disclosure in persistent watcher handling:
https://www.openwall.com/lists/oss-security/2024/03/14/2

   ・ Apache ZooKeeper存在信息泄露漏洞(CVE-2024-23944)，攻击者可通过添加持久观察者监视子 znodes，从而暴露 znodes 的完整路径。 – SecTodayBot

• SSRF Vulnerability Arising from Axios URL Parsing · Issue #6295 · axios/axios:
https://github.com/axios/axios/issues/6295

   ・ 重点介绍了axios URL解析的SSRF安全漏洞 – SecTodayBot

• Serial PitM:
https://sensepost.com/blog/2024/serial-pitm/

   ・ 介绍了硬件和软件通信的新方法和工具 – SecTodayBot

• Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE):
https://dlvr.it/T42bmy

   ・ 瑞捷交换机PSG-5124的远程代码执行漏洞 – SecTodayBot

• ChatGPT 0-click plugin exploit risked leak of private GitHub repos:
https://packetstormsecurity.com/news/view/35650

   ・ 介绍了ChatGPT及其第三方插件的漏洞问题，最大亮点是披露了OAuth实现漏洞的详细分析，以及描述了可利用该漏洞的0-click攻击。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab