• PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers:
https://cert.vde.com/en/advisories/VDE-2024-011/
・ 披露了CHARX SEC充电控制器固件中的多个漏洞
– SecTodayBot
• Under the Hood of SnakeKeylogger: Analyzing its Loader and its Tactics, Techniques, and Procedures:
https://www.splunk.com/en_us/blog/security/under-the-hood-of-snakekeylogger-analyzing-its-loader-and-its-tactics-techniques-and-procedures.html
・ 深入分析了2020年11月出现的重大威胁——Snake Keylogger的威胁性和多面手的数据窃取方法,以及其使用的加载程序来混淆其代码
– SecTodayBot
• RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage:
https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html
・ 俄语黑客组织RedCurl利用Microsoft Windows组件执行恶意指令的行为,并详细分析了其使用的策略。
– SecTodayBot
• Google-Dorks-Bug-Bounty - A List Of Google Dorks For Bug Bounty, Web Application Security, And Pentesting:
https://dlvr.it/T43cg2
・ 主要介绍了Google Dorks用于Bug Bounty、Web应用程序安全和渗透测试的列表
– SecTodayBot
• Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover:
https://thehackernews.com/2024/03/researchers-detail-kubernetes.html
・ Kubernetes存在严重漏洞,攻击者可以利用该漏洞在特定情况下实现远程代码执行,影响所有Windows节点。漏洞的根本原因是不安全的函数调用和缺乏用户输入的净化。攻击者可以利用'&'命令分隔符来利用漏洞.
– SecTodayBot
• CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign:
https://research.trendmicro.com/4c7tw0d
・ DarkGate运营者利用Microsoft Windows SmartScreen漏洞进行零日攻击
– SecTodayBot
• A patched Windows attack surface is still exploitable:
https://securelist.com/windows-vulnerabilities/112232/?reseller=gb_kdaily-blog_acq_ona_smm___b2c_some_sma_sm-team______&utm_source=twitter&utm_medium=social&utm_campaign=gl_kdaily-blog_ag0241&utm_content=sm-post&utm_term=gl_twitter_organic_kiawdfrcjunv241
・ 自2015年以来影响Windows的一类漏洞的内核补丁。文章详细分析了漏洞的根本原因,包括利用这些漏洞的利用和POC。
– SecTodayBot
• JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE):
https://dlvr.it/T42ZZz
・ JetBrains TeamCity 2023.05.3存在远程代码执行漏洞,使攻击者可以利用此漏洞创建管理员用户。
– SecTodayBot
• oss-security - CVE-2024-23944: Apache ZooKeeper: Information disclosure in persistent watcher handling:
https://www.openwall.com/lists/oss-security/2024/03/14/2
・ Apache ZooKeeper存在信息泄露漏洞(CVE-2024-23944),攻击者可通过添加持久观察者监视子 znodes,从而暴露 znodes 的完整路径。
– SecTodayBot
• SSRF Vulnerability Arising from Axios URL Parsing · Issue #6295 · axios/axios:
https://github.com/axios/axios/issues/6295
・ 重点介绍了axios URL解析的SSRF安全漏洞
– SecTodayBot
• Serial PitM:
https://sensepost.com/blog/2024/serial-pitm/
・ 介绍了硬件和软件通信的新方法和工具
– SecTodayBot
• Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE):
https://dlvr.it/T42bmy
・ 瑞捷交换机PSG-5124的远程代码执行漏洞
– SecTodayBot
• ChatGPT 0-click plugin exploit risked leak of private GitHub repos:
https://packetstormsecurity.com/news/view/35650
・ 介绍了ChatGPT及其第三方插件的漏洞问题,最大亮点是披露了OAuth实现漏洞的详细分析,以及描述了可利用该漏洞的0-click攻击。
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab