• Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1):
https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
・ Discovery of a 24-year-old buffer overflow vulnerability in glibc, and a method for exploiting it through the PHP engine.
– SecTodayBot
• Page 1 of 36:
https://drive.google.com/file/d/1lUFIugzEy1eBBWkLDHC_hzRfahZUCZYR/view?usp=sharing
・ Discusses democratizing fuzzing at scale.
– SecTodayBot
• Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973):
https://spaceraccoon.dev/zscaler-client-connector-local-privilege-escalation/
・ Reveals multiple vulnerabilities in Zscaler Client Connector and analyzes the privilege escalation method in detail.
– SecTodayBot
• NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers:
https://gbhackers.com/nsa-zero-trust-maturity-guidance/
・ NSA released guidance on advancing Zero Trust maturity for application and workload security
– SecTodayBot
• oss-security - Re: The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence:
https://www.openwall.com/lists/oss-security/2024/05/27/6
・ Highlights the impact of the new GNU C Library vulnerability CVE-2024-2961 on PHP applications and provides an exploit related to the vulnerability.
– SecTodayBot
• Part 2: Threat Detection Engineering and Incident Response with AuditD and Sentinel — Combine Events by ID with Laurel before sending to Sentinel as JSON and Parser for event searching and alert building:
https://medium.com/@truvis.thornton/part-2-threat-detection-engineering-and-incident-response-with-auditd-and-sentinel-combine-a3384e1164e6
・ Describes how to use the Laurel tool to combine AuditD events for better threat detection.
– SecTodayBot
• Uncovering an undetected KeyPlug implant attacking industries in Italy - Yoroi:
https://yoroi.company/en/research/uncovering-an-undetected-keyplug-implant-attacking-industries-in-italy/
・ An in-depth investigation into APT41 that uncovered an undetected KeyPlug implant attacking industries in Italy, with a detailed technical analysis of it.
– SecTodayBot
• kotest:
https://redplait.blogspot.com/2024/05/kotest.html
・ Introduces a new tool, kotest, for analyzing links between different memory sections in Linux kernel modules.
– SecTodayBot
• SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts:
https://dlvr.it/T7SckC
・ SherlockChain is a powerful smart contract analysis framework that combines the Slither tool with advanced AI capabilities.
– SecTodayBot
* To view or search past pushes, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab