每日安全动态推送(6-17)
2024-6-17 18:15:53 Author: mp.weixin.qq.com(查看原文) 阅读量:4 收藏

Tencent Security Xuanwu Lab Daily News

• GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in RubyGems.org - CVE-2024-35221:
https://securitylab.github.com/advisories/GHSL-2024-001_GHSL-2024-003_rubygems_org/

   ・ RubyGems.org远程DoS漏洞和潜在的身份验证绕过漏洞。 – SecTodayBot

• NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!):
https://dlvr.it/T8MPxq

   ・ 介绍了一种名为NativeDump的工具,它使用本机API来转储lsass进程,不涉及新漏洞信息,而是讨论了使用本机API转储lsass进程的功能和用法。 – SecTodayBot

• poutine: Find Supply Chain Vulnerabilities Fast:
https://meterpreter.org/poutine-find-supply-chain-vulnerabilities-fast/

   ・ poutine是一款安全扫描工具,可用于检测存储库构建流水线中的错误配置和漏洞 – SecTodayBot

• GitHub - sigstore/model-transparency: Supply chain security for ML:
https://github.com/sigstore/model-transparency

   ・ Supply chain security for ML。专注于机器学习pipeline的安全性,提供与确保机器学习模型的完整性和来源相关的实用程序和示例。 – SecTodayBot

• Working as Intended: The Unauditable, Unmanageable Keys in Google Cloud by Kat Traxler:
https://www.vectra.ai/blog/working-as-intended-the-unauditable-unmanageable-keys-in-google-cloud

   ・ Google Cloud HMAC Keys存在三个漏洞,包括日志记录不足、长期凭证难以管理和长期凭证无法审计。 – SecTodayBot

• stack frames size in DWARF:
https://redplait.blogspot.com/2024/06/stack-frames-size-in-dwarf.html

   ・ 围绕内核中的堆栈大小以及从DWARF调试信息中提取堆栈帧大小展开讨论 – SecTodayBot

• PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows):
https://dlvr.it/T8GZvX

   ・ 揭示了PHP存在的一个远程代码执行漏洞(CVE-2024-4577),并提供了利用该漏洞的利用脚本。 – SecTodayBot

• Malcolm: Powerful, easily deployable network traffic analysis tool suite:
https://meterpreter.org/malcolm-powerful-easily-deployable-network-traffic-analysis-tool-suite/

   ・ Malcolm是一个强大的网络流量分析工具套件,旨在提供易于部署的解决方案,支持全数据包捕获文件(PCAP)和Zeek(以前称为Bro)日志,并具有强大的流量分析和安全通信功能。 – SecTodayBot

• CVE-2024-20693: Windows cached code signature manipulation:
https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation/

   ・ 介绍了Windows中的一个新漏洞CVE-2024-20693,该漏洞允许操纵可执行文件或DLL的缓存签名签名级别。 – SecTodayBot

• CVE-2024-26229 Beacon Object Files:
https://github.com/NVISOsecurity/CVE-2024-26229-BOF

   ・ 对Cobalt Strike和BruteRatel的Beacon Object File(BOF)漏洞利用实现 – SecTodayBot

• Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces – Horizon3.ai:
https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/

   ・ 披露了AI公司Hugging Face平台中的潜在漏洞和漏洞,对Gradio框架中的漏洞CVE-2023-51449和CVE-2024-1561进行了详细分析。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959695&idx=1&sn=dd88dd65579b30699b3f8b8d9fdd4b3f&chksm=8baed110bcd958067cb4d9ddb0ce28bdd02f46775762fa330ec3732016b0e31b7923c724b955&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh