Tencent Security Xuanwu Lab Daily News

• Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE Flaw:
https://gbhackers.com/microsoft-message-queuing-rce-flaw/

   ・ 微软披露了两个关键的远程代码执行漏洞，分别位于Microsoft Message Queuing和Windows Wi-Fi Driver。 – SecTodayBot

• CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability:
https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/

   ・ 揭示了Ivanti Endpoint Manager中的SQL注入漏洞，提供了利用该漏洞的POC – SecTodayBot

• MagicDot: Exploiting Windows Paths for Rootkit Power:
https://meterpreter.org/magicdot-exploiting-windows-paths-for-rootkit-power/

   ・ MagicDot是一个Python软件包，实现了类似rootkit的技术，包括利用DOT-to-NT路径转换已知问题的漏洞。 – SecTodayBot

• Zoom Session Takeover - Cookie Tossing Payloads, OAuth Dirty Dancing, Browser Permissions Hijacking, and WAF abuse:
https://nokline.github.io/bugbounty/2024/06/07/Zoom-ATO.html

   ・ 揭示了Zoom会话和基于web的权限劫持相关的新漏洞信息，详细分析了XSS和cookie字符串解析的根本原因 – SecTodayBot

• CVE-2024-27801: Critical Vulnerability Discovered in Apple Ecosystem, PoC Published:
https://securityonline.info/cve-2024-27801-critical-vulnerability-discovered-in-apple-ecosystem-poc-published/

   ・ 苹果生态系统中发现了一个关键性漏洞CVE-2024-27801，影响多个平台，包括macOS Sonoma、iOS/iPadOS和visionOS。该漏洞的潜在影响很大，可能提升权限，授予恶意应用对系统服务和敏感用户数据的未经授权访问。 – SecTodayBot

• Stepping Stones – A Red Team Activity Hub:
https://research.nccgroup.com/2024/06/12/stepping-stones-a-red-team-activity-hub/

   ・ 一篇介绍开源工具Stepping Stones的文章，该工具用于帮助Red团队记录活动并与Blue团队的日志进行关联。工具具有活动记录、Cobalt Strike和BloodHound集成以及凭据管理等功能。 – SecTodayBot

• Microsoft’s Copilot+ AI PCs: Still a privacy disaster waiting to happen:
https://www.computerworld.com/article/2140400/microsofts-copilot-ai-pcs-are-a-privacy-disaster-waiting-to-happen.html

   ・ Windows PC新功能Recall引发了隐私和安全问题的讨论 – SecTodayBot

• Lateral Movement with the .NET Profiler:
https://posts.specterops.io/lateral-movement-with-the-net-profiler-8772c86f9523

   ・ 如何使用.NET Profiler来hook和instrumentation .NET进程，主要讨论了在.NET应用程序中进行fuzz测试的新方法。 – SecTodayBot

• Fly Phishing:
https://posts.specterops.io/fly-phishing-7d4fb56ac325?source=rss----f05f8696e3cc---4

   ・ 介绍了如何绕过垃圾邮件过滤器进行钓鱼，强调了绕过内容过滤器的策略和技巧。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab