每日安全动态推送(6-29)

Tencent Security Xuanwu Lab Daily News

• A Python tool to unstrip Rust binaries on Linux:
https://github.com/h311d1n3r/Cerberus

   ・ 一个 Rust 二进制文件的反 strip 工具。基于哈希和评分系统，它可以检索 ELF 文件和 crate 中的大量符号名称进行匹配 – SecTodayBot

• Job Board 1.0 Shell Upload:
https://packetstormsecurity.com/files/173138

   ・ Job Board 1.0 版任意文件上传导致远程代码执行 – SecTodayBot

• Introducing Detection Surface, The Cybersecurity Defense That Parallels Attack Surface:
https://www.forrester.com/blogs/introducing-detection-surface-the-cybersecurity-defense-that-parallels-attack-surface/

   ・ 介绍检测面，即与攻击面对应的网络安全防御体系 – SecTodayBot

• Forensic Investigation of Storage Media – eForensics:
https://eforensicsmag.com/forensic-investigation-of-storage-media/

   ・ 用于取证调查的工具和程序 – SecTodayBot

• Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution:
https://www.securityjoes.com/post/process-mockingjay-echoing-rwx-in-userland-to-achieve-code-execution

   ・ 在用户态回显RWX以实现代码执行：绕过EDR和XDR实现代码执行，绕过安全控制和绕过检测机制 – SecTodayBot

• Fortinet fixes critical RCE flaw in FortiNAC zero-trust product:
https://packetstormsecurity.com/news/view/34754

   ・ FortiNAC 零信任产品 RCE 远程代码执行漏洞，可能允许未经身份验证的用户通过特制的对 tcp /5050 服务的请求执行未经授权的代码或命令 – SecTodayBot

• WordPress LearnDash LMS 4.6.0 Insecure Direct Object Reference:
https://packetstormsecurity.com/files/173152

   ・ WordPress 4.6 中任意用户密码更改漏洞 – SecTodayBot

• Office Suite Premium 10.9.1.42602 Cross Site Scripting:
https://packetstormsecurity.com/files/173143

   ・ Office Suite Premium 10.9.1.42602 XSS 漏洞 – SecTodayBot

• MagicAI 1.55R Cross Site Scripting:
https://packetstormsecurity.com/files/173142

   ・ MagicAI 版本 1.55R 通过文件上传实现XSS – SecTodayBot

• JOKERSPY used to target a cryptocurrency exchange in Japan:
https://securityaffairs.com/147840/hacking/jokerspy-attack-japanese-cryptocurrency-exchange.html

   ・ Bitdefender 研究人员最近发现了一组具有后门功能的恶意文件，这些文件被怀疑是针对 Apple macOS 系统的复杂工具包的一部分。研究人员追踪到的入侵为 REF9134，威胁者使用 sh.py 后门部署 macOS Swiftbelt 枚举工具 – SecTodayBot

• SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-points-through-fingerprinting-beacon-management-frames/

   ・ 一种通过指纹信标管理帧检测恶意和虚假无线接入点的工具 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(6-29)