每日安全动态推送(5-15)
2024-5-15 17:26:5 Author: mp.weixin.qq.com(查看原文) 阅读量:0 收藏

Tencent Security Xuanwu Lab Daily News

• Nothing but Net: Leveraging macOS's Networking Frameworks to Heuristically Detect Malware:
https://speakerdeck.com/patrickwardle/nothing-but-net-leveraging-macoss-networking-frameworks-to-heuristically-detect-malware

   ・ 介绍了在macOS主机上直接枚举网络状态、统计和流量的程序化方法,通过这些技术,可以高效地检测针对macOS的已知和未知威胁。 – SecTodayBot

• Jackalope/examples/VideoToolbox at main · googleprojectzero/Jackalope:
https://github.com/googleprojectzero/Jackalope/tree/main/examples/VideoToolbox

   ・ 介绍了使用Jackalope发现macOS Sonoma中视频解码模块的15个漏洞,并讨论了视频解码fuzzer会话的新方法和工具 – SecTodayBot

• GHSL-2024-041_GHSL-2024-042: GitHub Actions expression injection in KubeBlocks:
https://securitylab.github.com/advisories/GHSL-2024-041_GHSL-2024-042_KubeBlocks/

   ・ KubeBlocks项目存在GitHub Actions和工作流方面的漏洞,可能导致信息泄露和存储库修改。 – SecTodayBot

• Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule:
https://blog.sicuranext.com/response-filter-denial-of-service-a-new-way-to-shutdown-a-website/

   ・ 介绍了一种名为Response Filter Denial of Service (RFDoS)的新型攻击,通过触发WAF规则来关闭网站。它详细分析了WAF的过度包容性响应规则如何导致RFDoS,并讨论了当前WAF实施的预防方法的无效性。 – SecTodayBot

• RansomLord v3 / Anti-Ransomware Exploit Tool Released:
https://seclists.org/fulldisclosure/2024/May/18

   ・ 介绍了一个新的反勒索软件利用工具的发布,可以自动创建用于利用勒索软件的PE文件。  – SecTodayBot

• announce - [openwall-announce] "Password cracking: past, present, future" OffensiveCon 2024 keynote talk slides:
https://www.openwall.com/lists/announce/2024/05/14/1

   ・ 讨论了离线密码破解技术的演变和优化 – SecTodayBot

• Cybersecurity AI Breakthroughs | Corellium-GPT-4 | [Webinar Recap]:
https://www.corellium.com/blog/automate-tasks-with-corellium-and-ai

   ・ 讨论了新的模糊测试方法和工具,介绍了Corellium的API和Python 3在网络安全上的应用。 – SecTodayBot

• Foxit PDF “Flawed Design” Exploitation - Check Point Research:
https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

   ・ 介绍了一种针对Foxit PDF Reader的新型漏洞利用 – SecTodayBot

• APT-C-08(蔓灵花)组织利用Replit平台攻击活动分析:
https://mp.weixin.qq.com/s/wR7IgBmEuqqGQ9SCAV39Uw

   ・ 报告了APT组织蔓灵花利用在线IDE平台Replit进行钓鱼攻击的新行为,揭示了APT组织不断改进攻击手法的趋势 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959640&idx=1&sn=ced8202c0f4dc68190005b275b45da72&chksm=8baed1c7bcd958d1c1a6c35d9123702fc513f4d56d9d774abfffdb20d1fc10cbf55c5ef37414&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh