Tencent Security Xuanwu Lab Daily News
• Intel SGX Security Compromised: Root Provisioning Key Extracted:
https://securityonline.info/intel-sgx-security-compromised-root-provisioning-key-extracted/
・ 英特尔SGX安全性受损,研究人员成功提取了根供应密钥。这一漏洞的根本原因是英特尔微码中的缺陷,导致关键密钥的暴露
– SecTodayBot
• Autonomously Uncovering and Fixing a Hidden Vulnerability in SQLite3 with an LLM-Based System:
https://team-atlanta.github.io/blog/post-asc-sqlite/
・ 通过基于LLM Atlantis Cyber Reasoning System自主发现并修复了SQLite3中的一个隐藏漏洞
– SecTodayBot
• VAmPI: Vulnerable REST API with OWASP top 10 vulnerabilities for security testing:
https://meterpreter.org/vampi-vulnerable-rest-api-with-owasp-top-10-vulnerabilities-for-security-testing/
・ 介绍了一个基于Flask的易受攻击的API,其中包含了OWASP前10个API漏洞,旨在用于安全测试
– SecTodayBot
• GrimResource – Microsoft Management Console for initial access and evasion — Elastic Security Labs:
https://www.elastic.co/security-labs/grimresource
・ 揭示了一种新的代码执行技术 – GrimResource,利用MSC文件实现对Microsoft Management Console (mmc.exe)的任意代码执行。
– SecTodayBot
• The vulnerabilities we uncovered by fuzzing µC/OS protocol stacks:
https://blog.talosintelligence.com/fuzzing-uc-os-protocol-stacks/
・ 如何创建了自己的fuzzer来搜索工业控制系统中常用的µC/OS协议栈中的安全问题,并发现了其中的多个漏洞
– SecTodayBot
• Zero Day Initiative — CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability:
https://www.zerodayinitiative.com/blog/2024/8/27/cve-2024-37079-vmware-vcenter-server-integer-underflow-code-execution-vulnerability
・ VMware vCenter Server存在整数下溢漏洞,可能导致任意代码执行
– SecTodayBot
• Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179):
https://www.helpnetsecurity.com/2023/09/21/cve-2023-41179/
・ Trend Micro端点安全产品中的一个关键漏洞(CVE-2023-41179),并提供了相应的补丁和风险缓解措施
– SecTodayBot
• 慢雾:揭露浏览器恶意书签如何盗取你的 Discord Token:
https://mp.weixin.qq.com/s/2RjEgv9lp6e01ah2t6DX4w
・ 本文揭露了一种新的钓鱼攻击方法,通过恶意的书签来盗取项目方 Discord 账号的 Token,用来发布虚假信息等诱导用户访问钓鱼网站,从而盗取用户的数字资产
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(8-29)