每日安全动态推送(9-19)

Tencent Security Xuanwu Lab Daily News

• Azure Active Directory Domain Services Escalation of Privilege:
https://www.secureworks.com/research/azure-active-directory-domain-services-escalation-of-privilege

   ・ Azure AD DS 权限升级漏洞 – SecTodayBot

• CraftCMS RCE:
https://blog.calif.io/p/craftcms-rce

   ・ CraftCMS RCE 远程代码执行漏洞，通过 Imagick 对象 VID 架构进行利用 – SecTodayBot

• NucleiFuzzer – Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications:
http://www.kitploit.com/2023/09/nucleifuzzer-powerful-automation-tool.html

   ・ 一款Web应用程序安全测试自动化工具，它使用ParamSpider识别潜在的入口点，并使用Nucleil的模板扫描Web应用程序中的漏洞 – SecTodayBot

• N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation:
https://thehackernews.com/2023/09/n-ables-take-control-agent.html

   ・ N-Able 的 Take Control Agent 可能被本地非特权攻击者利用来获取 SYSTEM 权限，从而可用于删除 Windows 系统上的任意文件 – SecTodayBot

• YAMA: Yet Another Memory Analyzer for malware detection:
https://securityonline.info/yama-yet-another-memory-analyzer-for-malware-detection/

   ・ 一种用于恶意软件检测的内存分析器 – SecTodayBot

• Abusing the Replicator: Silently Exfiltrating Data with the AWS S3 Replication Service by Kat Traxler:
https://www.vectra.ai/blog/abusing-the-replicator-silently-exfiltrating-data-with-the-aws-s3-replication-service

   ・ 使用 AWS S3 远程备份从组织的生产环境中窃取数据 – SecTodayBot

• Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems:
https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html

   ・ ncurses 库中发现了一组内存损坏缺陷，威胁者可以利用其攻击的 Linux 和 macOS 系统，运行恶意代码 – SecTodayBot

• Log4J’s Unique Impact In The Cloud by Kat Traxler:
https://www.vectra.ai/blog/log4j-unique-impact-in-the-cloud

   ・ Log4J JNDI 远程执行代码漏洞在云上环境中的独特影响 – SecTodayBot

• donut_decryptor:
http://github.com/volexity/donut-decryptor

   ・ 用于解密 donut obfuscator 的工具 – SecTodayBot

• GitHub – NSEcho/furlzz: Fuzz iOS URL schemes:
https://github.com/nsecho/furlzz

   ・ fuzz iOS URL schemes – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(9-19)