Tencent Security Xuanwu Lab Daily News

• oss-security - CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems:
https://www.openwall.com/lists/oss-security/2024/07/01/3

   ・ OpenSSH的服务器在基于glibc的Linux系统上存在CVE-2024-6387漏洞，可能导致远程代码执行 – SecTodayBot

• Pixel Tablet Dock (korlan) Secure Boot Bypass:
https://oddsolutions.github.io/Pixel-Tablet-Dock-Secure-Boot-Bypass/

   ・ 一系列漏洞利用链，用于在Google Pixel Tablet Dock上运行自定义操作系统/未签名代码 – SecTodayBot

• Model Extraction from Neural Networks:
https://www.schneier.com/blog/archives/2024/07/model-extraction-from-neural-networks.html

   ・ 使用差分密码分析技术从神经网络中提取模型权重的方法 – SecTodayBot

• Automata in Action: New Vulnerabilities Discovered in HP UEFI:
https://eclypsium.com/blog/automata-in-action-new-vulnerabilities-discovered-in-hp-uefi/

   ・ 介绍了Eclypsium在HP UEFI中发现的新漏洞以及他们开发的新的二进制分析系统Automata。 – SecTodayBot

• Exploiting Steam: Usual and Unusual Ways in the CEF Framework:
https://www.darknavy.org/blog/exploiting_steam_usual_and_unusual_ways_in_the_cef_framework/

   ・ 剖析了Stream的Chromium嵌入式框架中发现的漏洞及其利用方法，包括具体的漏洞利用代码示例。 – SecTodayBot

• Usability for attacks:
https://promon.co/app-threat-reports/snowblind

   ・ 一种新的安卓攻击向量Snowblind，它利用了Linux内核特性seccomp作为攻击向量，能够绕过应用的强大反篡改机制，这为成功、可扩展的应用程序攻击提供了便利。文章详细分析了Snowblind的攻击向量及其工作原理，同时介绍了Promon公司针对Snowblind实施的保护措施。 – SecTodayBot

• Shellcode Template for Windows x64:
https://github.com/rainerzufalldererste/windows_x64_shellcode_template

   ・ 一个易于修改的shellcode模板，用于加载LoadLibraryA和GetProcAddress，并暴露kernel32.dll的HMODULE。 – SecTodayBot

• Latest Intel CPUs impacted by new Indirector side-channel attack:
https://www.bleepingcomputer.com/news/security/latest-intel-cpus-impacted-by-new-indirector-side-channel-attack/

   ・ 最新的英特尔CPU受到了名为Indirector的新侧信道攻击的影响，攻击者可以利用该漏洞窃取CPU的敏感信息。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab