每日安全动态推送(5-20)

Tencent Security Xuanwu Lab Daily News

• CVE-2024-32888 (CVSS 10): SQLi Vulnerability Discovered in Amazon Redshift JDBC Driver:
https://securityonline.info/cve-2024-32888-cvss-10-sqli-vulnerability-discovered-in-amazon-redshift-jdbc-driver/

   ・ 亚马逊的Redshift JDBC驱动程序中发现了一个严重的SQL注入漏洞(CVE-2024-32888),攻击者可以利用该漏洞执行未经授权的命令,潜在影响包括数据泄露、未经授权访问甚至完全接管系统。 – SecTodayBot


• Two-stage Dropbox spear phishing:
https://www.kaspersky.com/blog/two-stage-dropbox-phishing/51253/?utm_source=twitter&utm_medium=social&utm_campaign=gl_JEEK_je0066&utm_content=link&utm_term=gl_twitter_organic_bbunt9ikf66cllx

   ・ 网络钓鱼者越来越倾向于使用复杂的定向攻击。文章披露了一种新型多阶段网络钓鱼方案 – SecTodayBot


• Critical vulnerabilities in Cinterion modems:
https://kas.pr/32v1

   ・ Telit Cinterion蜂窝M2M调制解调器中的严重漏洞 – SecTodayBot


• Ivanti EPMM CVE-2024-22026 Vulnerability: Potential for Full System Takeover, PoC Published:
https://securityonline.info/ivanti-epmm-cve-2024-22026-vulnerability-potential-for-full-system-takeover-poc-published/

   ・ Ivanti EPMM存在严重漏洞(CVE-2024-22026),可能导致系统被完全控制。该漏洞的根本原因是EPMM CLI工具安装命令中的不足验证,使攻击者能够以root权限执行任意命令 – SecTodayBot


• QNAP QTS – QNAPping At The Wheel (CVE-2024-27130 and friends):
https://labs.watchtowr.com/qnap-qts-qnapping-at-the-wheel-cve-2024-27130-and-friends/

   ・ 揭示了QNAP QTS中的安全漏洞CVE-2024-27130,该漏洞是一个未经身份验证的堆栈溢出漏洞,允许远程代码执行。 – SecTodayBot


• Palo Alto Networks To ‘Change How Cybersecurity Is Done’ With AI Launch: CPO Lee Klarich:
https://www.crn.com/news/ai/2024/palo-alto-networks-to-change-how-cybersecurity-is-done-with-ai-launch-cpo-lee-klarich

   ・ Palo Alto Networks推出新的AI产品,结合GenAI和机器学习,使安全更具预测性和实时性 – SecTodayBot


• HTB Sherlock: Logjammer:
https://0xdf.gitlab.io/2024/05/16/htb-sherlock-logjammer.html

   ・ 本文主要介绍了使用EvtxECmd.exe将Windows事件日志转换为JSON,并使用JQ和Bash等工具进行分析的方法。 – SecTodayBot


• ShellSweep – PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory:
https://dlvr.it/T71YkZ

   ・ ShellSweep是一款旨在通过熵计算来检测指定目录中潜在Webshell文件的工具。文章介绍了ShellSweep工具的特性和功能,以及如何利用熵计算来检测潜在的Webshell文件。  – SecTodayBot


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(5-20)

版权声明:admin 发表于 2024年5月20日 下午4:44。
转载请注明:每日安全动态推送(5-20) | CTF导航

相关文章