每日安全动态推送(5-23)
2024-5-23 13:23:27 Author: mp.weixin.qq.com(查看原文) 阅读量:2 收藏

Tencent Security Xuanwu Lab Daily News

• A malware campaign exploits Microsoft Exchange Server flaws:
https://securityaffairs.com/163521/breaking-news/microsoft-exchange-server-flaws-attacks.html

   ・ 报告了关于Microsoft Exchange Server中嵌入的键盘记录器和信息窃取的网络安全事件 – SecTodayBot

• PoC Exploit Released for Critical Git RCE Vulnerability:
https://cybersecuritynews.com/poc-exploit-released-2/

   ・ Git存在关键性漏洞CVE-2024-32002,允许远程代码执行 – SecTodayBot

• Multiple Critical Vulnerabilities Discovered in Ivanti Endpoint Manager:
https://securityonline.info/multiple-critical-vulnerabilities-discovered-in-ivanti-endpoint-manager/

   ・ vanti Endpoint Manager存在多个关键漏洞,包括SQL注入攻击,可能导致攻击者获取对组织网络端点的重大控制权。所有Ivanti EPM 2022版本在服务更新5之前都容易受到这些漏洞的影响。 – SecTodayBot

• iOS 17.5 Bug May Make Your Deleted Photos Resurface on Wiped Devices:
https://idevicecentral.com/apple/ios-17-5-bug-makes-your-deleted-photos-resurface-on-wiped-devices/

   ・ iOS 17.5存在隐私漏洞,即使设备被清除后仍显示上一个所有者的照片。文章讨论了这一安全问题,涉及iOS内部工作机制和隐私问题。  – SecTodayBot

• ANSI Escape Injection Vulnerability in WinRAR:
https://medium.com/@sdushantha/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983

   ・ WinRAR发布了更新补丁,修复了影响版本6.24及更早版本的控制台版本RAR和UnRAR的ANSI转义序列注入漏洞。该漏洞允许攻击者欺骗屏幕输出或导致拒绝服务,并提供了详细的漏洞分析和利用示例。 – SecTodayBot

• CVE-2024-4367 – Arbitrary JavaScript execution in PDF.js:
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/

   ・ PDF.js存在漏洞CVE-2024-4367,影响Firefox和许多基于Web和Electron的应用程序。文章详细分析了漏洞的根本原因,解释了PDF.js字体渲染代码中的特定部分的疏忽。 – SecTodayBot

• Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323):
https://www.tenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323?s=09

   ・ 介绍了Fluent Bit中的一个重要内存破坏漏洞,该漏洞可能导致拒绝服务、信息泄露或远程代码执行 – SecTodayBot

• Android Banking Trojan Antidot Disguised as Google Play Update:
https://www.darkreading.com/endpoint-security/android-banking-trojan-antidot-disguised-as-google-play-update

   ・ 该文章介绍了一种名为Antidot的银行木马,它利用覆盖攻击和键盘记录技术来窃取用户的财务数据。Antidot的突出亮点在于利用WebSocket实现与C2服务器的实时双向交互,使攻击者对感染设备具有重大控制权。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959648&idx=1&sn=431440b5ae7f9c02b6ec59c3debb1a63&chksm=8baed1ffbcd958e9bc4da6a430452ff4742dafc2fd5837bd6b667912e8ab9a9a027f99ef6c62&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh