每日安全动态推送(5-8)
2024-5-8 17:7:34 Author: mp.weixin.qq.com(查看原文) 阅读量:3 收藏

Tencent Security Xuanwu Lab Daily News

• TunnelVision - CVE-2024-3661 - Decloaking Full and Split Tunnel VPNs - Leviathan Security Group:
https://www.youtube.com/watch?v=ajsLmZia6UU

   ・ 介绍了有关CVE-2024-3661的VPN漏洞 – SecTodayBot

• Exploiting CData within Jetty servers - CVE-2024-31848/49/50/51 - File Path Traversal & File Read:
https://github.com/Stuub/CVE-2024-31848-PoC

   ・ 披露了针对嵌入式Jetty服务器上运行的CData应用程序的新漏洞,并提供了用于自动化漏洞分析的原型PoC – SecTodayBot

• Empowering Cybersecurity with AI: The Future of Cisco XDR:
https://feedpress.me/link/23532/16675068/empowering-cybersecurity-with-ai-the-future-of-cisco-xdr

   ・ Cisco宣布推出基于人工智能的XDR助手,加速威胁检测和响应,提高安全团队的效率和成本效益。 – SecTodayBot

• Ghidra nanoMIPS ISA module:
https://research.nccgroup.com/2024/05/07/ghidra-nanomips-isa-module/

   ・ NCC Group的硬件和嵌入式系统实践团队开发的针对nanoMIPS架构的Ghidra反汇编和反编译模块。 – SecTodayBot

• GLib (2.26.0+): GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing:
https://seclists.org/oss-sec/2024/q2/219

   ・ GLib中GDBus信号订阅存在漏洞,可能导致未经授权的单播欺骗攻击。 – SecTodayBot

• 1,000,000 requests 2FA bypass:
https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f

   ・ 披露了绕过两步验证(2FA)和速率限制的新漏洞,以及讨论了使用 brute force 攻击来实现这一绕过的新方法。 – SecTodayBot

• Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries:
https://www.kitploit.com/2024/05/gftrace-command-line-windows-api.html

   ・ 介绍了一种用于追踪Golang二进制文件中Windows API调用的命令行工具gftrace。该工具利用asmstdcall函数来监视特定结构的字段并将其记录下来。通过gftrace,用户可以记录Golang应用程序调用的每个Windows函数的函数名、参数和返回值,而无需挂钩单个API函数或为其创建签名。 – SecTodayBot

• Multiple vulnerabilities in RIOT OS:
https://security.humanativaspa.it/multiple-vulnerabilities-in-riot-os/

   ・ 本文介绍了作者在RIOT操作系统中发现的多个安全漏洞,并对其进行了详细分析。作者利用Semgrep C/C++规则集和weggli模式收集等工具进行了静态分析,并通过GitHub向RIOT维护人员报告了这些漏洞。 – SecTodayBot

• kvm-fuzz:
https://github.com/klecko/kvm-fuzz

   ・ 使用KVM对x86_64二进制文件进行模拟和模糊测试,结合Intel Processor Trace进行代码覆盖 – SecTodayBot

• Guntior - the story of an advanced bootkit that doesn't rely on Windows disk drivers:
https://artemonsecurity.blogspot.com/2024/04/guntior-story-of-advanced-bootkit-that.html?m=1

   ・ 介绍了一种不依赖于Windows磁盘驱动程序的高级bootkit - Guntior – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959630&idx=1&sn=20e215bb12254b5c97ba9ad8d192b040&chksm=8baed1d1bcd958c704321846b5c53261c16862f2285f5c6d6a41c7daf35610cab41c39a8353e&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh