每日安全动态推送(4-18)
2024-4-18 11:58:19 Author: mp.weixin.qq.com(查看原文) 阅读量:3 收藏

Tencent Security Xuanwu Lab Daily News

• Terrapin vulnerability in Jenkins CLI client:
https://seclists.org/oss-sec/2024/q2/136

   ・ 介绍了Jenkins CLI客户端中的Terrapin漏洞 – SecTodayBot

• SoumniBot: the new Android banker’s unique techniques:
https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/

   ・ Android恶意软件SoumniBot采用非常规方法规避分析和检测,通过篡改Android清单文件等技术,成功规避安卓系统的检测机制。 – SecTodayBot

• Fake Dialog Boxes to Make Malware More Convincing:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-dialog-boxes-to-make-malware-more-convincing/

   ・ 探讨了SpiderLabs在红队参与过程中如何将用户提示(特别是Windows对话框)纳入其恶意软件加载程序,以使钓鱼目标更容易相信。 – SecTodayBot

• Passbolt: a bold use of HaveIBeenPwned:
http://blog.quarkslab.com/passbolt-a-bold-use-of-haveibeenpwned.html

   ・ Pwned Passwords service与Passbolt是本文的重点内容,介绍了使用Pwned Passwords API来提醒用户密码是否存在于以前的数据泄露中,以及Passbolt作为开源密码管理器的应用。 – SecTodayBot

• CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability:
https://www.thezdi.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability

   ・ Microsoft Windows中Libarchive远程代码执行漏洞CVE-2024-20697 – SecTodayBot

• CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used:
https://seclists.org/oss-sec/2024/q2/138

   ・ Apache Airflow存在一处漏洞,允许经过身份验证的用户在\"configuration\" UI页面上查看敏感提供者配置 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959606&idx=1&sn=d27cbb41ed6affb9a126e5cb86052385&chksm=8baed1a9bcd958bf9e731ae8b02a428e977938e59192329cf73a1b1ebd9756966a5eab3fd32f&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh