每日安全动态推送(7-9)

Tencent Security Xuanwu Lab Daily News

• ZDI-24-821: A Remote UAF in The Kernel’s net/tipc:
https://sam4k.com/zdi-24-821-a-remote-use-after-free-in-the-kernels-net-tipc/

   ・ 介绍了对Linux内核TIPC网络堆栈的漏洞发现和分析 – SecTodayBot

• CloudSorcerer – A new APT targeting Russian government entities:
https://kas.pr/p6kb

   ・ 介绍了一种名为CloudSorcerer的新型APT组织，它利用了微软Graph、Yandex Cloud和Dropbox云基础设施进行隐秘监视、数据收集和数据外传。文章详细分析了CloudSorcerer的技术细节和行为模式。 – SecTodayBot

• BRF: eBPF Runtime Fuzzer:
https://packetstormsecurity.com/files/179398

   ・ 介绍了Linux内核中的eBPF技术，并介绍了BPF Runtime Fuzzer（BRF），这是一种满足验证器和eBPF子系统所需语义和依赖关系的模糊测试工具。 – SecTodayBot

• CVE-2024-39349 (CVSS 9.8): Critical Vulnerability in Synology Surveillance Cameras:
https://securityonline.info/cve-2024-39349-cvss-9-8-critical-vulnerability-in-synology-surveillance-cameras/

   ・ Synology摄像头存在多个严重漏洞，PWN2OWN 2023黑客大赛揭示了这些漏洞 – SecTodayBot

• Recent Water Hydra APT Activity Exploiting CVE-2024-21412:
https://www.broadcom.com/support/security-center/protection-bulletin/recent-water-hydra-apt-activity-exploiting-cve-2024-21412

   ・ 披露了关于Water Hydra APT最近利用CVE-2024-21412漏洞的活动，可能包含了对该漏洞的详细分析。 – SecTodayBot

• Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough | Oligo Security:
https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server

   ・ PyTorch (TorchServe)的多个漏洞ShellTorch对网络安全造成了严重影响 – SecTodayBot

• GitHub – FLOCK4H/AtomDucky: WiFi Rubber Ducky with a web interface using CircuitPython:
https://github.com/FLOCK4H/AtomDucky

   ・ Atom Ducky是一种通过网络浏览器控制的HID设备，旨在作为无线操作的Rubber Ducky，个人认证器或休闲键盘。 – SecTodayBot

• BlueSpy: PoC to record audio from a Bluetooth device:
https://meterpreter.org/bluespy-poc-to-record-audio-from-a-bluetooth-device/

   ・ 介绍了一个通过蓝牙设备录制音频的概念验证，揭示了蓝牙设备的不安全使用，包含了相关漏洞的详细分析和利用方法。 – SecTodayBot

• Cisco Warns of regreSSHion RCE Impacting Multiple Products:
https://cybersecuritynews.com/cisco-warns-regresshion-rce/

   ・ 思科发布的安全公告，提到了一个影响多种产品的重要远程代码执行漏洞，称为“regreSSHion”。该漏洞影响OpenSSH服务器在基于glibc的Linux系统中，文章详细解释了漏洞的根本原因和建议的缓解措施。 – SecTodayBot

• oss-security – ASLRn’t is still alive and well on x86 kernels, despite CVE-2024-26621 patch:
https://www.openwall.com/lists/oss-security/2024/07/08/3

   ・ 讨论了ASLR的弱点以及CVE-2024-26621补丁的影响，提供了测试漏洞的Python脚本 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(7-9)