Daily Security News Push (4-24)
2024-4-24 17:25:2 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Sorry, you have been blocked:
https://go.theregister.com/feed/www.theregister.com/2024/04/22/edr_attack_remote_data_deletion/

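   ・ Reveals vulnerabilities in Microsoft Defender and Kaspersky security products: by planting malicious signatures to deceive the security products, an attacker can remotely delete files. – SecTodayBot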

• EDR as an Offensive Tool:
https://www.safebreach.com/blog/dark-side-of-edr-offensive-tool

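   ・ This article mainly discloses new vulnerability information and a detailed analysis concerning the Palo Alto Networks Cortex XDR platform, including exploitation methods and techniques for bypassing its protection mechanisms. – SecTodayBot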

• GitHub - login-securite/lsassy: Extract credentials from lsass remotely:
https://github.com/login-securite/lsassy

   ・ This article introduces a Python tool named lsassy, used to remotely extract credentials from a set of hosts. – SecTodayBot

• No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities:
https://struct.github.io/auto_agents_1_day.html

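   ・ This article discusses research on using LLM agents to autonomously exploit one-day vulnerabilities. The author analyzes in detail the dataset and model used in the research and argues that GPT-4 did not demonstrate a new capability to autonomously analyze and exploit software vulnerabilities, but rather demonstrated its value as a key component of software automation. The article also mentions an analysis of some known open-source software vulnerabilities and summarizes the ease of publicly exploiting these vulnerabilities. – SecTodayBot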

• Oracle VirtualBox Elevation of Privilege Vulnerability (CVE-2024-21111): PoC Published:
https://securityonline.info/oracle-virtualbox-elevation-of-privilege-vulnerability-cve-2024-21111-poc-published/

   ・ Oracle VirtualBox has a serious vulnerability (CVE-2024-21111) that attackers can exploit to elevate privileges on Windows systems running VirtualBox. – SecTodayBot

• Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers:
https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html

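   ・ Research found that the DOS-to-NT path conversion process contains vulnerabilities that threat actors can exploit to achieve rootkit-like capabilities, hiding and impersonating files, directories and processes. The article analyzes the root cause of the vulnerabilities in detail and discloses new vulnerability information. – SecTodayBot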

• How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000 - Part 1:
https://thefrogsec.github.io/2024/04/06/How-we-escalated-a-DOM-XSS-to-a-sophisticated-1-click-Account-Takeover-for-8000-Part-1/

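   ・ Presents a case of escalating a simple DOM XSS vulnerability into a sophisticated one-click account takeover attack, with a detailed analysis of the OAuth login flow and potential attack vectors. – SecTodayBot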

• BlackBerry MDM Has Some Authentication Flaws:
https://emptynebuli.github.io/tooling/2024/04/22/blackberryMDM.html

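   ・ This article reveals authentication flaws in BlackBerry MDM, including a root-cause analysis and a PoC exploiting the flaws. It also describes methods of analyzing the vulnerabilities with security tools and scripts such as Frida. – SecTodayBot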

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959614&idx=1&sn=408c287831b2b02138ac3173f40e0e99&chksm=8baed1a1bcd958b76242654809617d2766bda94832b0d58ec7caa9340ff7f73c304387c957f6&scene=58&subscene=0#rd