Tencent Security Xuanwu Lab Daily News

• A quick post on Chen’s algorithm:
https://blog.cryptographyengineering.com/2024/04/16/a-quick-post-on-chens-algorithm/

   ・ 介绍了由Yilei Chen撰写的新的量子算法对密码学的潜在影响。该算法可能对基于格的加密方案造成潜在威胁，引起了密码学研究界的关注。 – SecTodayBot

• NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected:
https://dlvr.it/T5ZvVn

   ・ 介绍了一种名为NoArgs的网络安全工具，可动态伪装和隐藏进程参数，以保持不被检测。通过篡改Windows API并利用Process Environment Block（PEB）来实现参数的操纵和隐藏。 – SecTodayBot

• Building a model from scratch:
https://docs.rev.ng/user-manual/model-tutorial/

   ・ 介绍了如何从头开始构建一个模型来反编译一个简单的程序 – SecTodayBot

• rhinosecuritylabs.com:
https://rhinosecuritylabs.com/research/cve-2024-2448-kemp-loadmaster/

   ・ 介绍了发现在LoadMaster负载均衡器中的两个漏洞，一个是经过身份验证的命令注入漏洞，另一个是跨站请求伪造（CSRF）保护绕过漏洞。 – SecTodayBot

• Nullcon Berlin 2024 | Open Sesame - Or How Secure Is Your Stuff In Electronic Lockers - Dennis Giese:
https://www.youtube.com/watch?v=KNh2EaOe53Y&feature=youtu.be

   ・ 讨论了电子储物柜的安全性问题，可能涉及了新的漏洞信息 – SecTodayBot

• Re: New Linux LPE via GSMIOC_SETCONF_DLCI?:
https://seclists.org/oss-sec/2024/q2/129

   ・ Linux内核n_gsm子系统存在多个漏洞 – SecTodayBot

• PoC Exploit Released for 0-day Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-21338):
https://securityonline.info/poc-exploit-released-for-0-day-windows-kernel-elevation-of-privilege-vulnerability-cve-2024-21338/

   ・ 揭示了近期被朝鲜Lazarus组织利用的Windows Kernel漏洞(CVE-2024-21338)的详细分析及其利用方式，并提供了针对该漏洞的PoC exploit code。 – SecTodayBot

• Microsoft’s ‘AI Watchdog’ defends against new LLM jailbreak method:
https://packetstormsecurity.com/news/view/35785

   ・ Microsoft发现了一种新的方法来越狱大型语言模型（LLM）人工智能工具，并分享了他们正在努力改进LLM安全性和安全性的方法。他们介绍了Crescendo LLM越狱方法，以及他们如何改进LLM对抗Crescendo和其他攻击的新工具，包括AI Watchdog和AI Spotlight功能。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab