Daily Security News Digest (4-23)
2024-4-23 09:56:09 Author: mp.weixin.qq.com (view original)

Tencent Security Xuanwu Lab Daily News

• www.bleepingcomputer.com:
https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/

   ・ A GitHub feature is being abused to distribute malware: a file uploaded through an issue or pull-request comment is served from a URL that carries the repository's name, so malware can be made to look as if it comes from a trusted project (here a Microsoft repository) and is hard to tell apart from a legitimate download. – SecTodayBot
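
The check a mail-gateway or proxy rule would want for the item above, as an added example that is not part of the digest or of GitHub's own tooling: classify GitHub download URLs by what the path actually vouches for. The path patterns (`<owner>/<repo>/files/<id>/<name>` for a comment attachment, `user-attachments/files/...` for the newer attachment form, `releases/download/...` for a release asset) are taken from GitHub's URL scheme as commonly observed, not from the digest; the sample URLs are constructed and point at nothing real.

```python
"""Classify GitHub download URLs by what their path actually vouches for.

Added example (not from the digest or from GitHub). The path patterns are
GitHub's URL scheme as commonly observed; the sample URLs are constructed.
"""
from urllib.parse import urlparse

# Constructed sample URLs for illustration; none of these point at real files.
SAMPLE_URLS = [
    "https://github.com/microsoft/vcpkg/files/12345678/Setup.zip",
    "https://github.com/user-attachments/files/87654321/update.exe",
    "https://github.com/microsoft/vcpkg/releases/download/2024.04.26/vcpkg.zip",
    "https://raw.githubusercontent.com/microsoft/vcpkg/master/README.md",
    "https://example.com/microsoft/vcpkg/files/1/notgithub.zip",
]


def classify_github_url(url):
    """Return a dict with the URL's kind and the owner/repo it appears to belong to.

    kind is one of:
      comment-attachment  file uploaded into an issue/PR comment; the
                          owner/repo in the path did NOT publish it
      release-asset       file attached to a release by the repository's maintainers
      repo-content        raw file from the repository tree
      other               some other github.com path
      non-github          not a GitHub host at all
    """
    p = urlparse(url)
    host = p.netloc.lower()
    parts = [s for s in p.path.split("/") if s]
    apparent_repo = f"{parts[0]}/{parts[1]}" if len(parts) >= 2 else None

    if host == "github.com":
        # github.com/<owner>/<repo>/files/<id>/<name>: a comment attachment
        # hosted under the repository's path.
        if len(parts) >= 5 and parts[2] == "files":
            return {"kind": "comment-attachment", "apparent_repo": apparent_repo, "url": url}
        # github.com/user-attachments/files/<id>/<name>: newer attachment form,
        # with no repository in the path at all.
        if len(parts) >= 4 and parts[0] == "user-attachments" and parts[1] == "files":
            return {"kind": "comment-attachment", "apparent_repo": None, "url": url}
        if len(parts) >= 5 and parts[2] == "releases" and parts[3] == "download":
            return {"kind": "release-asset", "apparent_repo": apparent_repo, "url": url}
        return {"kind": "other", "apparent_repo": apparent_repo, "url": url}
    if host == "raw.githubusercontent.com":
        return {"kind": "repo-content", "apparent_repo": apparent_repo, "url": url}
    return {"kind": "non-github", "apparent_repo": None, "url": url}


def flag_comment_attachments(urls):
    """Return the classifications of URLs that are comment uploads, whatever repo name they carry."""
    return [c for c in (classify_github_url(u) for u in urls) if c["kind"] == "comment-attachment"]


if __name__ == "__main__":
    for c in flag_comment_attachments(SAMPLE_URLS):
        repo = c["apparent_repo"] or "(no repository in path)"
        print(f"COMMENT ATTACHMENT, not published by {repo}: {c['url']}")
```

The point of returning `apparent_repo` alongside the verdict is that the reviewer sees exactly which trusted name the link borrows; a release asset under the same owner/repo is classified differently because maintainers, not arbitrary commenters, attach those.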

• oss-security - The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence:
https://www.openwall.com/lists/oss-security/2024/04/17/9

   ・ The iconv() function in GNU C Library versions 2.39 and earlier has an output buffer overflow (an out-of-bounds write) when converting to the ISO-2022-CN-EXT character set. – SecTodayBot
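
A first-pass host screen for the advisory above, as an added example that is not from the glibc advisory or the digest: read the glibc version, and check whether the ISO-2022-CN-EXT converter is even loadable on this host. Assumptions, labelled: the first fixed upstream release is taken to be 2.40, since the advisory reports 2.39 and earlier as affected; distributions backport fixes into older version numbers, so a version below 2.40 means "check the distro advisory", not "vulnerable". The probe converts ASCII only, which needs no escape sequences and so cannot reach the overflowing path.

```python
"""Screen a host for the CVE-2024-2961 iconv() issue: glibc version plus
whether the ISO-2022-CN-EXT converter is present.

Added example, not from the advisory or the digest. Assumption: the first
fixed upstream release is 2.40 (the advisory reports 2.39 and earlier as
affected). Distributions backport fixes, so the version screen is a first
pass, not a verdict.
"""
import platform
import re
import shutil
import subprocess

FIRST_FIXED = (2, 40)  # assumption: the release following the affected "2.39 and earlier"


def parse_glibc_version(text):
    """Extract (major, minor) from strings like '2.39' or '2.35-0ubuntu3.6'."""
    m = re.search(r"(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return int(m.group(1)), int(m.group(2))


def version_in_affected_range(text):
    """True when the upstream version number is below the first fixed release."""
    return parse_glibc_version(text) < FIRST_FIXED


def iso2022_cn_ext_available():
    """None if there is no iconv binary; otherwise whether the converter loads.

    Only ASCII is converted: it needs no escape sequences, so this probe
    cannot hit the out-of-bounds write described in the advisory.
    """
    if shutil.which("iconv") is None:
        return None
    r = subprocess.run(
        ["iconv", "-f", "UTF-8", "-t", "ISO-2022-CN-EXT"],
        input=b"abc", capture_output=True,
    )
    return r.returncode == 0


def assess(libc=None):
    """Combine both signals into a short verdict; libc defaults to this host's (lib, version)."""
    lib, ver = libc if libc is not None else platform.libc_ver()
    if lib != "glibc" or not ver:
        return {"libc": lib or "unknown", "version": ver, "verdict": "not glibc or version unknown"}
    affected_version = version_in_affected_range(ver)
    converter = iso2022_cn_ext_available()
    if not affected_version:
        verdict = "version at or above first fixed release"
    elif converter is False:
        verdict = "affected version range, but ISO-2022-CN-EXT converter not loadable"
    else:
        verdict = "affected version range; check distro advisory for a backported fix"
    return {"libc": lib, "version": ver, "converter_loads": converter, "verdict": verdict}


if __name__ == "__main__":
    print(assess())
```

Run it as a script on each host in an inventory; the dict it returns is meant to be collected centrally, with the "check distro advisory" verdict as the queue of hosts that still need a package-level answer.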

• packetstormsecurity.com:
https://packetstormsecurity.com/news/view/35789

   ・ OpenAI's GPT-4 can exploit real vulnerabilities by reading security advisories. Researchers found that, given a CVE advisory describing a vulnerability, GPT-4 can autonomously exploit it in real-world systems. – SecTodayBot

• Cookie-Monster - BOF To Steal Browser Cookies & Credentials:
https://dlvr.it/T5dLyN

   ・ Cookie-Monster is a Beacon Object File (BOF) for stealing browser cookies and credentials: it extracts sensitive data from browsers and provides decryption and fileless download. – SecTodayBot

• EDR – The Multi-Tool of Security Defenses:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/edr-the-multi-tool-of-security-defenses/

   ・ An overview of endpoint detection and response (EDR): what EDR solutions do, the features that distinguish them, and how to choose a suitable one. – SecTodayBot

• Re: Linux: Disabling network namespaces:
https://seclists.org/oss-sec/2024/q2/163

   ・ A thread on the security problems of Linux namespaces and how malicious applications can exploit them, with a detailed look at how nested namespaces can be used to bypass Flatpak's security design. – SecTodayBot

• CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin:
https://seclists.org/oss-sec/2024/q2/160

   ・ Apache HugeGraph-Server has a remote command execution vulnerability (CVE-2024-27348) in its Gremlin interface. – SecTodayBot

• The Invisible Battleground: Essentials of EASM:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-invisible-battleground-essentials-of-easm/

   ・ An introduction to the role of external attack surface management (EASM). – SecTodayBot

* To view or search past digests, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959612&idx=1&sn=963fdd210704f8e8c68992b0285a6d2d&chksm=8baed1a3bcd958b51c6b7c8c33d48e8c24ac6385e9cf30b5a337bc11f732fd52be04bf66afa1&scene=58&subscene=0#rd
For copyright or takedown requests, contact: admin#unsafe.sh