每日安全动态推送(3-4)

Tencent Security Xuanwu Lab Daily News

• New Malicious PyPI Packages used by Lazarus – JPCERT/CC Eyes:

https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html

   ・ 详细分析了Lazarus发布的恶意Python软件包 – SecTodayBot

• WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting:
https://packetstormsecurity.com/files/177361

   ・ 披露了WordPress IDonate插件1.8.1及以下版本存在的持久性跨站脚本漏洞，同时提供了利用该漏洞的POC。 – SecTodayBot

• Notepad.exe Will Snitch On You (full coding project):
https://www.youtube.com/watch?v=zSSBbv2fc2s

   ・ 提到了Notepad.exe可能存在的安全风险 – SecTodayBot

• SMM isolation – SMI deprivileging (ISRD):
https://tandasat.github.io/blog/2024/02/29/ISRD.html

   ・ 深入分析了英特尔平台上系统管理模式（SMM）隔离的内部工作原理，重点介绍了Intel System Resources Defense (ISRD) 和 SMI deprivileging。 – SecTodayBot

• Mail in the Middle – A tool to automate spear phishing campaigns:
https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/

   ・ 介绍了一种名为Mail-in-the-Middle (Maitm)的新安全工具，用于拦截和篡改电子邮件 – SecTodayBot

• Re: CVE-2024-22857: Heap Based Buffer overflow in zlog library:
https://seclists.org/oss-sec/2024/q1/179

   ・ 介绍了 zlog 库中的一个新漏洞（CVE-2024-22857） – SecTodayBot

• DOM Clobbering Wiki:
https://domclob.xyz/domc_wiki/techniques/

   ・ 介绍了DOM Clobbering攻击技术，讨论了攻击者如何操纵安全敏感变量和内置浏览器API的值。 – SecTodayBot

• How to Track Realtime Location of ANY Telegram User — 2 Methods:
https://x-it.medium.com/how-to-track-realtime-location-of-any-telegram-user-2-methods-ec09d873b839

   ・ 介绍了两种追踪Telegram用户实时位置的方法 – SecTodayBot

• Remote Code Execution in Apache Dolphinscheduler(CVE-2023-49109) – 先知社区:
https://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx

   ・ 针对Apache Dolphinscheduler 中存在远程代码执行漏洞分析 (CVE-2023-49109) – lanying37

• VoltSchemer: attacks on wireless chargers through the power supply | Kaspersky official blog:
https://kas.pr/a192

   ・ 介绍了来自佛罗里达大学的研究人员对使用Qi无线充电器进行攻击的研究 – SecTodayBot

• Read In This Article:
https://hadess.io/web-llm-attacks/

   ・ 文章重点讨论了LLMs整合所带来的安全挑战和防御策略，涉及了输出处理不安全、提示注入、训练数据污染等方面的漏洞。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(3-4)