Daily Security News Push (2-23)

 Tencent Security Xuanwu Lab Daily News

• CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day:
https://research.trendmicro.com/smartscreen-vulnerability-cve-2024-21412-analysis

   ・ This article describes how the Water Hydra APT group used CVE-2024-21412 to attack financial market traders – SecTodayBot


• Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3:
https://seclists.org/fulldisclosure/2024/Feb/19

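   ・ This article discloses a new vulnerability in Microsoft Windows Defender, analyzes in detail a detection evasion method for TrojanWin32Powessere.G, and provides an example of exploiting the vulnerability – SecTodayBot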


• JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2:
https://www.asset-intertech.com/resources/blog/2024/02/jtag-debug-of-windows-hyper-v-secure-kernel-with-exdi-part-2/

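   ・ This article covers using EXDI and DCI to explore the Windows hypervisor and discusses debugging the Secure Kernel with SourcePoint, WinDbg and Intel PT. It is an article about new methods for debugging and tracing low-level secure kernel and hypervisor code. – SecTodayBot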


• Resources:
https://github.com/labesterOct/CVE-2024-21413

   ・ Microsoft Outlook has a remote code execution vulnerability, CVE-2024-21413 – SecTodayBot


• WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics:
https://securitycafe.ro/2024/02/19/winrar-rce-vulnerability-spotlight-apt29s-zero-day-tactics/

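   ・ This article focuses on cyberattacks by the Russian APT29 group exploiting the WinRAR vulnerability CVE-2023-38831, analyzes the attack techniques and socio-political impact in detail, and provides detailed steps for manually exploiting CVE-2023-38831. – SecTodayBot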


• Proxmark3 4.18218 Custom Firmware:
https://packetstormsecurity.com/files/177189

   ・ This article introduces custom firmware for the Proxmark3 device that extends the currently available firmware. – SecTodayBot


• 19th February – Threat Intelligence Report – Check Point Research:
https://research.checkpoint.com/2024/19th-february-threat-intelligence-report/

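   ・ Discloses several new vulnerabilities, including a remote code execution vulnerability in Microsoft Outlook and multiple vulnerabilities in Adobe products. – SecTodayBot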


• XAMPP – Buffer Overflow POC:
https://dlvr.it/T2xMhK

   ・ This article discloses a '.ini' buffer overflow vulnerability in XAMPP v3.3.0, including a detailed analysis and POC code exploiting the vulnerability. – SecTodayBot


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (2-23)

Copyright notice: posted by admin on February 23, 2024 at 9:49 AM.
When reposting, please credit: Daily Security News Push (2-23) | CTF导航
