每日安全动态推送(5-8)

Tencent Security Xuanwu Lab Daily News

• TunnelVision – CVE-2024-3661 – Decloaking Full and Split Tunnel VPNs – Leviathan Security Group:
https://www.youtube.com/watch?v=ajsLmZia6UU

   ・ 介绍了有关CVE-2024-3661的VPN漏洞 – SecTodayBot


• Exploiting CData within Jetty servers – CVE-2024-31848/49/50/51 – File Path Traversal & File Read:
https://github.com/Stuub/CVE-2024-31848-PoC

   ・ 披露了针对嵌入式Jetty服务器上运行的CData应用程序的新漏洞,并提供了用于自动化漏洞分析的原型PoC – SecTodayBot


• Empowering Cybersecurity with AI: The Future of Cisco XDR:
https://feedpress.me/link/23532/16675068/empowering-cybersecurity-with-ai-the-future-of-cisco-xdr

   ・ Cisco宣布推出基于人工智能的XDR助手,加速威胁检测和响应,提高安全团队的效率和成本效益。 – SecTodayBot


• Ghidra nanoMIPS ISA module:
https://research.nccgroup.com/2024/05/07/ghidra-nanomips-isa-module/

   ・ NCC Group的硬件和嵌入式系统实践团队开发的针对nanoMIPS架构的Ghidra反汇编和反编译模块。 – SecTodayBot


• GLib (2.26.0+): GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing:
https://seclists.org/oss-sec/2024/q2/219

   ・ GLib中GDBus信号订阅存在漏洞,可能导致未经授权的单播欺骗攻击。 – SecTodayBot


• 1,000,000 requests 2FA bypass:
https://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f

   ・ 披露了绕过两步验证(2FA)和速率限制的新漏洞,以及讨论了使用 brute force 攻击来实现这一绕过的新方法。 – SecTodayBot


• Gftrace – A Command Line Windows API Tracing Tool For Golang Binaries:
https://www.kitploit.com/2024/05/gftrace-command-line-windows-api.html

   ・ 介绍了一种用于追踪Golang二进制文件中Windows API调用的命令行工具gftrace。该工具利用asmstdcall函数来监视特定结构的字段并将其记录下来。通过gftrace,用户可以记录Golang应用程序调用的每个Windows函数的函数名、参数和返回值,而无需挂钩单个API函数或为其创建签名。 – SecTodayBot


• Multiple vulnerabilities in RIOT OS:
https://security.humanativaspa.it/multiple-vulnerabilities-in-riot-os/

   ・ 本文介绍了作者在RIOT操作系统中发现的多个安全漏洞,并对其进行了详细分析。作者利用Semgrep C/C++规则集和weggli模式收集等工具进行了静态分析,并通过GitHub向RIOT维护人员报告了这些漏洞。 – SecTodayBot


• kvm-fuzz:
https://github.com/klecko/kvm-fuzz

   ・ 使用KVM对x86_64二进制文件进行模拟和模糊测试,结合Intel Processor Trace进行代码覆盖 – SecTodayBot


• Guntior – the story of an advanced bootkit that doesn’t rely on Windows disk drivers:
https://artemonsecurity.blogspot.com/2024/04/guntior-story-of-advanced-bootkit-that.html?m=1

   ・ 介绍了一种不依赖于Windows磁盘驱动程序的高级bootkit – Guntior – SecTodayBot


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(5-8)

版权声明:admin 发表于 2024年5月8日 下午5:08。
转载请注明:每日安全动态推送(5-8) | CTF导航

相关文章