Daily Security News Push (1-23)

Tencent Security Xuanwu Lab Daily News

• Linux 5.6 io_uring Cred Refcount Overflow:
https://packetstormsecurity.com/files/176649

   ・ Linux versions 5.6 and later have a cred refcount overflow vulnerability that can be triggered via io_uring when approximately 39GB of memory usage is handled. – SecTodayBot


• ADCSync – Use ESC1 To Perform A Makeshift DCSync And Dump Hashes:
http://dlvr.it/T1bZ4Y

   ・ ADCSync is a new tool for carrying out DCSync-like attacks in Active Directory environments, using ESC1 to dump the NTLM hashes of user accounts. – SecTodayBot


• Behind the Scenes of Pwn2Own Automotive – Updating AGL #shorts:
https://youtube.com/shorts/2BsbZOb6X6s

   ・ Pwn2Own Automotive is a well-known automotive cybersecurity competition; this piece covers what goes on behind the scenes of the competition – SecTodayBot


• An introduction to reverse engineering .NET AOT applications:
https://harfanglab.io/en/insidethelab/reverse-engineering-ida-pro-aot-net/

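   ・ The article covers a report on the activity of the Vietnamese cybercrime group DuckTail and their use of the new AOT (ahead of time) compilation feature in .NET programs. AOT compilation is a challenge for reverse engineers; the article explains how to identify .NET AOT binaries and the steps for setting up AOT for a test project. – SecTodayBot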


• Insomni’hack 2024 CTF Teaser – Cache Cache:
https://itm4n.github.io/insomnihack-2024-cache-cache/

   ・ Discusses the author's process of writing a challenge for the CTF and reverse engineering a Windows RPC server – SecTodayBot


• 0xsha/EVMProxyInspect: Multi-Chain EVM Proxy Detection Tool:
https://github.com/0xsha/EVMProxyInspect

   ・ Introduces a new security testing tool, a Multi-Chain EVM proxy detection tool – SecTodayBot


• Accepting a calendar invite in Outlook could leak your password:
https://www.scmagazine.com/news/accepting-a-calendar-invite-in-outlook-could-leak-your-password

   ・ Microsoft Outlook has a vulnerability that leaks hashed passwords via malicious calendar invites – SecTodayBot


• CVE-2023-50643: Evernote Remote Code Execution Flaw, PoC Published:
https://securityonline.info/cve-2023-50643-evernote-remote-code-execution-flaw-poc-published/

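   ・ Evernote for MacOS has a critical remote code execution vulnerability (CVE-2023-50643); the flaw stems from the Electron development framework and may allow a malicious attacker to execute arbitrary code. – SecTodayBot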


• A Stealthy Godzilla Webshell: A New Threat Targeting Apache ActiveMQ:
https://securityonline.info/a-stealthy-godzilla-webshell-a-new-threat-targeting-apache-activemq/

   ・ Apache ActiveMQ software has the CVE-2023-46604 vulnerability, which can allow malicious attackers to use the Godzilla Webshell for unauthorized access and control. – SecTodayBot


• How Threat Actors Leveraged HAR Files To Attack Okta’s Customers:
https://www.rezonate.io/blog/har-files-attack-okta-customers

   ・ Covers the Okta security breach incident and how the attackers used HAR files to carry out the attack. – SecTodayBot


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (1-23)

Copyright notice: posted by admin on January 23, 2024, 2:55 PM.
When reposting, please credit: Daily Security News Push (1-23) | CTF导航
