Daily Security News Digest (5-28)
2024-5-28 12:31:56 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1):
https://www.ambionics.io/blog/iconv-cve-2024-2961-p1

   ・ A 24-year-old buffer overflow vulnerability in glibc was discovered, along with a method of exploiting it through the PHP engine. – SecTodayBot

• Page 1 of 36:
https://drive.google.com/file/d/1lUFIugzEy1eBBWkLDHC_hzRfahZUCZYR/view?usp=sharing

   ・ Discusses democratizing fuzzing at scale – SecTodayBot

• Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973):
https://spaceraccoon.dev/zscaler-client-connector-local-privilege-escalation/

   ・ Reveals multiple vulnerabilities in Zscaler Client Connector and analyzes the privilege-escalation method in detail – SecTodayBot

• NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers:
https://gbhackers.com/nsa-zero-trust-maturity-guidance/

   ・ NSA released guidance on advancing Zero Trust maturity for application and workload security – SecTodayBot

• oss-security - Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence:
https://www.openwall.com/lists/oss-security/2024/05/27/6

   ・ Highlights the impact of the new GNU C Library vulnerability CVE-2024-2961 on PHP applications and provides exploits related to the vulnerability – SecTodayBot

• Part 2: Threat Detection Engineering and Incident Response with AuditD and Sentinel — Combine Events by ID with Laurel before sending to Sentinel as JSON and Parser for event searching and alert building:
https://medium.com/@truvis.thornton/part-2-threat-detection-engineering-and-incident-response-with-auditd-and-sentinel-combine-a3384e1164e6

   ・ Describes how to use the Laurel tool to combine AuditD events for better threat detection – SecTodayBot

• Uncovering an undetected KeyPlug implant attacking industries in Italy - Yoroi:
https://yoroi.company/en/research/uncovering-an-undetected-keyplug-implant-attacking-industries-in-italy/

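   ・ An in-depth investigation into APT41 that uncovered a previously undetected KeyPlug implant attacking Italian industries, with a detailed technical analysis of it – SecTodayBot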

• kotest:
https://redplait.blogspot.com/2024/05/kotest.html

   ・ Introduces a new tool, kotest, for analyzing the links between different memory sections in Linux kernel modules – SecTodayBot

• SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts:
https://dlvr.it/T7SckC

   ・ SherlockChain is a powerful smart contract analysis framework that combines the Slither tool with advanced AI capabilities. – SecTodayBot

* To view or search past digests, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室
https://weibo.com/xuanwulab


Source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959654&idx=1&sn=d0516e680c4ca96846fa7ca752f6bb10&chksm=8baed1f9bcd958ef2d6a5caf50d43ac644e6d3aa42dee692a60a81ba1e4332bc0a086e13ee05&scene=58&subscene=0#rd