• ESXi Security-hardening | change the default “ESX Admins” AD group:
https://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group/
・ A new method for protecting ESXi hosts by changing the default AD group, using the GUI and PowerCLI.
– SecTodayBot
• Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard Labs:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed
・ Analyzes the security bypass vulnerability CVE-2024-21412 in Microsoft Windows SmartScreen and the attack techniques hackers use to exploit it.
– SecTodayBot
• VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns:
https://blog.rapid7.com/2024/07/30/vmware-esxi-cve-2024-37085-targeted-in-ransomware-campaigns/
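・ Microsoft threat intelligence on the CVE-2024-37085 vulnerability affecting VMware ESXi hypervisors, including a detailed analysis of the vulnerability, exploitation methods, and mitigation guidance.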
– SecTodayBot
• Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails:
https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html
・ A new threat that abuses an email routing misconfiguration for phishing, with a detailed analysis and the root cause of the Proofpoint server flaw.
– SecTodayBot
• ImageMagick AppImage Vulnerability Opens Door to Arbitrary Code Execution:
https://securityonline.info/imagemagick-appimage-vulnerability-opens-door-to-arbitrary-code-execution/
・ The AppImage version of ImageMagick has a vulnerability that may lead to remote code execution.
– SecTodayBot
• Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port:
https://posts.specterops.io/hands-in-the-cookie-jar-dumping-cookies-with-chromiums-remote-debugger-port-34c4f468844e
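・ A technique for stealing cookies from Chromium browsers, bypassing encryption by launching Chrome's remote debugging port and using Chrome itself to decrypt the cookies.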
– SecTodayBot
• RADIUS Protocol Vulnerability Impacted Multiple Cisco Products:
https://cybersecuritynews.com/radius-protocol-vulnerability-cisco/
・ Discloses a critical vulnerability in the RADIUS protocol that affects multiple well-known software products, including Cisco's.
– SecTodayBot
• Unveiling the latest banking trojan threats in LATAM:
https://securityintelligence.com/posts/unveiling-latest-banking-trojan-threats-latam/
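・ A detailed analysis of the surge in malicious Chrome extension activity observed by IBM Security Lab in Latin America, and of the CyberCartel group's attack methods against Latin American financial institutions, which use advanced techniques such as web injects and man-in-the-browser attacks.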
– SecTodayBot
* To view or search past pushes, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab