每日安全动态推送(5-15)

资讯 6个月前 admin
86 0 0
Tencent Security Xuanwu Lab Daily News

• Nothing but Net: Leveraging macOS’s Networking Frameworks to Heuristically Detect Malware:
https://speakerdeck.com/patrickwardle/nothing-but-net-leveraging-macoss-networking-frameworks-to-heuristically-detect-malware

   ・ 介绍了在macOS主机上直接枚举网络状态、统计和流量的程序化方法,通过这些技术,可以高效地检测针对macOS的已知和未知威胁。 – SecTodayBot


• Jackalope/examples/VideoToolbox at main · googleprojectzero/Jackalope:
https://github.com/googleprojectzero/Jackalope/tree/main/examples/VideoToolbox

   ・ 介绍了使用Jackalope发现macOS Sonoma中视频解码模块的15个漏洞,并讨论了视频解码fuzzer会话的新方法和工具 – SecTodayBot


• GHSL-2024-041_GHSL-2024-042: GitHub Actions expression injection in KubeBlocks:
https://securitylab.github.com/advisories/GHSL-2024-041_GHSL-2024-042_KubeBlocks/

   ・ KubeBlocks项目存在GitHub Actions和工作流方面的漏洞,可能导致信息泄露和存储库修改。 – SecTodayBot


• Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule:
https://blog.sicuranext.com/response-filter-denial-of-service-a-new-way-to-shutdown-a-website/

   ・ 介绍了一种名为Response Filter Denial of Service (RFDoS)的新型攻击,通过触发WAF规则来关闭网站。它详细分析了WAF的过度包容性响应规则如何导致RFDoS,并讨论了当前WAF实施的预防方法的无效性。 – SecTodayBot


• RansomLord v3 / Anti-Ransomware Exploit Tool Released:
https://seclists.org/fulldisclosure/2024/May/18

   ・ 介绍了一个新的反勒索软件利用工具的发布,可以自动创建用于利用勒索软件的PE文件。  – SecTodayBot


• announce – [openwall-announce] “Password cracking: past, present, future” OffensiveCon 2024 keynote talk slides:
https://www.openwall.com/lists/announce/2024/05/14/1

   ・ 讨论了离线密码破解技术的演变和优化 – SecTodayBot


• Cybersecurity AI Breakthroughs | Corellium-GPT-4 | [Webinar Recap]:
https://www.corellium.com/blog/automate-tasks-with-corellium-and-ai

   ・ 讨论了新的模糊测试方法和工具,介绍了Corellium的API和Python 3在网络安全上的应用。 – SecTodayBot


• Foxit PDF “Flawed Design” Exploitation – Check Point Research:
https://research.checkpoint.com/2024/foxit-pdf-flawed-design-exploitation/

   ・ 介绍了一种针对Foxit PDF Reader的新型漏洞利用 – SecTodayBot


• APT-C-08(蔓灵花)组织利用Replit平台攻击活动分析:
https://mp.weixin.qq.com/s/wR7IgBmEuqqGQ9SCAV39Uw

   ・ 报告了APT组织蔓灵花利用在线IDE平台Replit进行钓鱼攻击的新行为,揭示了APT组织不断改进攻击手法的趋势 – SecTodayBot


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(5-15)

版权声明:admin 发表于 2024年5月15日 下午5:27。
转载请注明:每日安全动态推送(5-15) | CTF导航

相关文章