Daily Security News Push (7-29)
2024-7-29 14:0:40 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News
• CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery:

https://blog.rapid7.com/2024/07/26/cve-2024-6922-automation-anywhere-automation-360-server-side-request-forgery/

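   ・ The Automation 360 Robotic Process Automation suite v21-v32 contains an unauthenticated server-side request forgery (SSRF) vulnerability that may allow an attacker to make arbitrary network requests – SecTodayBot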

• Abusing RCU callbacks with a Use-After-Free read to defeat KASLR:
https://anatomic.rip/abusing_rcu_callbacks_to_defeat_kaslr/

   ・ A technique that abuses RCU callbacks with a Use-After-Free read to defeat KASLR. – SecTodayBot

• Introduction:
https://tudoor.net/

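   ・ Introduces a new type of DNS attack named TuDoor: three logic vulnerabilities were found and three new attacks are proposed. The attacks use malformed DNS response packets to carry out DNS cache poisoning, denial of service and resource consumption attacks. – SecTodayBot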

• H1d3r/GPU_ShellCode:
https://github.com/H1d3r/GPU_ShellCode

   ・ A new technique that uses GPU memory to hide a payload. – SecTodayBot

• Injecting Malicious Code into PDF Files and PDF Dropper (ADOBE):
https://cti.monster/blog/2024/07/25/pdfdropper.html#title

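   ・ This article describes how to create a PDF dropper by injecting JavaScript code into a PDF file, so that a file is downloaded from a specific URL and a Command and Control (C2) connection is established. – SecTodayBot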

• 10 Million Users Compromised in Z-Library Phishing Site Hack:
https://securityonline.info/10-million-users-compromised-in-z-library-phishing-site-hack/

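   ・ A phishing attack involving the Z-Library website led to the leak of data on nearly 10 million users, including personal information, passwords, cryptocurrency wallet addresses and payment details. The attacker's server had directory listing enabled, which let users view all files on the server, including a database containing the personal information of millions of users. – SecTodayBot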

• Leaked Intel Boot Guard keys: What happened? How does it affect the software supply chain?:
https://www.binarly.io/blog/leaked-intel-boot-guard-keys-what-happened-how-does-it-affect-the-software-supply-chain

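   ・ An in-depth analysis and assessment of Intel Boot Guard technology, centered on the impact of the firmware source code leak. The article explains in detail how Intel Boot Guard works, what exactly was leaked, and the practical impact of the leak – SecTodayBot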

• CYBERSECEVAL 3: Advancing the Evaluation of Cybersecurity Risks and Capabilities in Large Language Models | Research - AI at Meta:
https://ai.meta.com/research/publications/cyberseceval-3-advancing-the-evaluation-of-cybersecurity-risks-and-capabilities-in-large-language-models/

   ・ A new suite of security benchmarks for evaluating the cybersecurity risks and capabilities of LLMs – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959743&idx=1&sn=187330a9fd62e5984b30d1286b8a4708&chksm=8baed120bcd95836882ecc3acf112c7284e62318096b9eda574994865ffe5c6eeee3868126df&scene=58&subscene=0#rd