• oss-security - CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy:
https://www.openwall.com/lists/oss-security/2024/04/24/3
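・ Describes the use-after-free vulnerability CVE-2024-0582 in the Linux kernel's io_uring subsystem, including a detailed analysis of the vulnerability and a strategy for exploiting it successfully.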
– SecTodayBot
• C isn’t a Hangover; Rust isn’t a Hangover Cure:
https://medium.com/@john_25313/c-isnt-a-hangover-rust-isn-t-a-hangover-cure-580c9b35b5ce
・ Discusses the importance of memory safety in programming languages for security, and its impact.
– SecTodayBot
• C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets:
https://dlvr.it/T5wyRr
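・ C2-Tracker is a new technique for tracking C2 servers, tools, and botnets. It provides a free IOC (indicator of compromise) feed covering a variety of tools and malware.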
– SecTodayBot
• Nation-State Threat Actors Renew Publications to npm:
https://blog.phylum.io/north-korean-state-actors/
・ Describes a sophisticated cyberattack targeting npm in which the attackers use trojanized files to execute arbitrary code.
– SecTodayBot
• oss-security - PowerDNS Recursor Security Advisory 2024-02: if recursive forwarding is configured, crafted responses can lead to a denial of service in Recursor:
https://www.openwall.com/lists/oss-security/2024/04/24/1
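・ PowerDNS Recursor has a security vulnerability (CVE-2024-25583): when recursive forwarding is used, crafted responses from an upstream server can lead to a denial of service.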
– SecTodayBot
• GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining:
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
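・ Describes a malware campaign, discovered and analyzed by Avast, that abused the eScan antivirus update mechanism to distribute backdoors and cryptocurrency miners.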
– SecTodayBot
• Social engineering for open-source supply chain attack profit:
https://kas.pr/yzo2
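・ Analyzes in detail a supply chain attack involving social engineering and malicious code injection, highlighting the course of the attack on the open-source project XZ Utils and revealing the attackers' strategy and techniques.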
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab