Tencent Security Xuanwu Lab Daily News
• Two-thirds of internet-facing SolarView systems still vulnerable to critical bug:
https://www.scmagazine.com/news/vulnerability-management/solarview-systems-vulnerable-critical-bug
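・ A report from security researchers on the industrial control system (ICS) control systems of solar power plants, based on a paper published by a research team at the University of California San Diego security research center (CSIS)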
– SecTodayBot
• Common Nginx misconfigurations that leave your web server open to attack:
https://blog.detectify.com/2020/11/10/common-nginx-misconfigurations/
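・ Some common Nginx misconfigurations that, if left unchecked, will leave your website vulnerable to attack. Here is how to find some of the most common error messages before attackers exploit them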
– SecTodayBot
• How Cybercriminals Can Perform Virtual Kidnapping Scams Using AI Voice Cloning Tools and ChatGPT:
https://research.trendmicro.com/virtualkidnapping
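・ How cybercriminals use AI voice cloning tools and ChatGPT to carry out virtual kidnapping scams, launching attacks with Deepfake technology and DeepFake audio technology: a real case of virtual kidnapping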
– SecTodayBot
• Breaking GPT-4 Bad: Check Point Research Exposes How Security Boundaries Can Be Breached as Machines Wrestle with Inner Conflicts – Check Point Blog:
https://blog-checkpoint-com.cdn.ampproject.org/c/s/blog.checkpoint.com/artificial-intelligence/breaking-gpt-4-bad-check-point-research-exposes-how-security-boundaries-can-be-breached-as-machines-wrestle-with-inner-conflicts/amp/
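・ Check Point Research examined the security of ChatGPT-4 and revealed how its restrictions can be bypassed – the researchers propose a new mechanism called double bind bypass, which puts GPT-4's internal motivations in conflict with itself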
– SecTodayBot
• [kubernetes] CVE-2023-2728: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin Rita Zhang <rita.z.zhang () gmail com>:
https://seclists.org/oss-sec/2023/q3/9
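・ CVE-2023-2728: bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers – Kubernetes is affected by this vulnerability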
– SecTodayBot
• ScrapPY – A Python Utility For Scraping Manuals, Documents, And Other Sensitive PDFs To Generate Wordlists That Can Be Utilized By Offensive Security Tools:
http://www.kitploit.com/2023/07/scrappy-python-utility-for-scraping.html
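・ ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate targeted wordlists that offensive security tools can use to perform brute force, forced browsing, and dictionary attacks. The tool digs deep for keywords and phrases that lead to potential passwords or hidden directories, and outputs to a text file readable by tools such as Hydra, Dirb, and Nma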
– SecTodayBot
• Two Stories for “What is CHERI?”:
https://tratt.net/laurie/blog/2023/two_stories_for_what_is_cheri.html
・ CHERI is a tool that can help catch flaws such as buffer overflows and keep them from becoming security problems.
– SecTodayBot
• Flutter Restrictions Bypass:
https://blog.cybercx.co.nz/flutter-restrictions-bypass
・ Using the dynamic instrumentation framework Frida to bypass the Flutter framework's anti-tampering and anti-root detection
– SecTodayBot
• rax30 patch diff analysis & nday exploit for zdi-23-496:
http://blog.coffinsec.com/nday/2023/05/12/rax30-patchdiff-nday-analysis.html
・ ZDI-23-499: soap_serverd stack-based buffer overflow: sscanf() – stack overflow vulnerability
– SecTodayBot
• Ghidralligator: Emulate and Fuzz the Embedded World – Airbus Defence and Space Cyber:
https://www.cyber.airbus.com/ghidralligator_emulate_and_fuzz_the_embedded_world/
・ Ghidralligator – an emulator built on Ghidra that can emulate a variety of CPU architectures. In addition, it can be integrated with AFL to enable snapshot fuzzing with code coverage
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (7-10)