Tencent Security Xuanwu Lab Daily News
• ZDI-24-821: A Remote UAF in The Kernel’s net/tipc:
https://sam4k.com/zdi-24-821-a-remote-use-after-free-in-the-kernels-net-tipc/
・ 介绍了对Linux内核TIPC网络堆栈的漏洞发现和分析
– SecTodayBot
• CloudSorcerer – A new APT targeting Russian government entities:
https://kas.pr/p6kb
・ 介绍了一种名为CloudSorcerer的新型APT组织,它利用了微软Graph、Yandex Cloud和Dropbox云基础设施进行隐秘监视、数据收集和数据外传。文章详细分析了CloudSorcerer的技术细节和行为模式。
– SecTodayBot
• BRF: eBPF Runtime Fuzzer:
https://packetstormsecurity.com/files/179398
・ 介绍了Linux内核中的eBPF技术,并介绍了BPF Runtime Fuzzer(BRF),这是一种满足验证器和eBPF子系统所需语义和依赖关系的模糊测试工具。
– SecTodayBot
• CVE-2024-39349 (CVSS 9.8): Critical Vulnerability in Synology Surveillance Cameras:
https://securityonline.info/cve-2024-39349-cvss-9-8-critical-vulnerability-in-synology-surveillance-cameras/
・ Synology摄像头存在多个严重漏洞,PWN2OWN 2023黑客大赛揭示了这些漏洞
– SecTodayBot
• Recent Water Hydra APT Activity Exploiting CVE-2024-21412:
https://www.broadcom.com/support/security-center/protection-bulletin/recent-water-hydra-apt-activity-exploiting-cve-2024-21412
・ 披露了关于Water Hydra APT最近利用CVE-2024-21412漏洞的活动,可能包含了对该漏洞的详细分析。
– SecTodayBot
• Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough | Oligo Security:
https://www.oligo.security/blog/shelltorch-explained-multiple-vulnerabilities-in-pytorch-model-server
・ PyTorch (TorchServe)的多个漏洞ShellTorch对网络安全造成了严重影响
– SecTodayBot
• GitHub – FLOCK4H/AtomDucky: WiFi Rubber Ducky with a web interface using CircuitPython:
https://github.com/FLOCK4H/AtomDucky
・ Atom Ducky是一种通过网络浏览器控制的HID设备,旨在作为无线操作的Rubber Ducky,个人认证器或休闲键盘。
– SecTodayBot
• BlueSpy: PoC to record audio from a Bluetooth device:
https://meterpreter.org/bluespy-poc-to-record-audio-from-a-bluetooth-device/
・ 介绍了一个通过蓝牙设备录制音频的概念验证,揭示了蓝牙设备的不安全使用,包含了相关漏洞的详细分析和利用方法。
– SecTodayBot
• Cisco Warns of regreSSHion RCE Impacting Multiple Products:
https://cybersecuritynews.com/cisco-warns-regresshion-rce/
・ 思科发布的安全公告,提到了一个影响多种产品的重要远程代码执行漏洞,称为“regreSSHion”。该漏洞影响OpenSSH服务器在基于glibc的Linux系统中,文章详细解释了漏洞的根本原因和建议的缓解措施。
– SecTodayBot
• oss-security – ASLRn’t is still alive and well on x86 kernels, despite CVE-2024-26621 patch:
https://www.openwall.com/lists/oss-security/2024/07/08/3
・ 讨论了ASLR的弱点以及CVE-2024-26621补丁的影响,提供了测试漏洞的Python脚本
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(7-9)