每日安全动态推送(04-15)

渗透技巧 2年前 (2022) admin
456 0 0
Tencent Security Xuanwu Lab Daily News


• [Attack] Bahamut组织近期攻击活动揭露:
https://mp.weixin.qq.com/s/YAAybJBAvxqrQWYDg31BBw

   ・ Bahamut组织近期攻击活动揭露 – lanying37


• Abusing Azure Hybrid Workers for Privilege Escalation – Part 2: An Azure PrivSec Story:
https://www.netspi.com/blog/technical/cloud-penetration-testing/abusing-azure-hybrid-workers-part-2/

   ・ Abusing Azure Hybrid Workers for Privilege Escalation – Jett


• Diving Deeper into WatchGuard Pre-Auth RCE – CVE-2022-26318:
https://blog.assetnote.io/2022/04/13/watchguard-firebox-rce/

   ・ Diving Deeper into WatchGuard Pre-Auth RCE – CVE-2022-26318 – Jett


• readme.md:
https://github.com/BehroozAbbassi/sdkffi

   ・ sdkffi – C 头文件 parser,生成函数标准化原型数据的工具 – Jett


• Make phishing great again. VSTO office files are the new macro nightmare?:
https://medium.com/@airlockdigital/make-phishing-great-again-vsto-office-files-are-the-new-macro-nightmare-e09fcadef010

   ・ 钓鱼时 MS Office VSTO 文件可以被用于植入宏代码 – Jett


• [Tools] Exploiting Struts RCE on 2.5.26:
https://mc0wn.blogspot.com/2021/04/exploiting-struts-rce-on-2526.html

   ・ Exploiting Struts RCE on 2.5.26 – Jett


• CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg – Sick Codes – Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!:
https://sick.codes/sick-2022-42/

   ・ Signal client for iOS 被发现 RTLO 注入 URL 欺骗问题 – Jett


• mssql 提权总结:
https://tttang.com/archive/1545/

   ・ mssql 提权总结 – lanying37


• [PDF] https://www.prodaft.com/m/reports/PYSA_TLPWHITE_3.0.pdf:
https://www.prodaft.com/m/reports/PYSA_TLPWHITE_3.0.pdf

   ・ PYSA 勒索软件分析报告 – Jett


• Blinding Snort: Breaking the Modbus OT Preprocessor:
https://claroty.com/2022/04/14/blog-research-blinding-snort-breaking-the-modbus-ot-preprocessor/

   ・ 利用开源 Snort IDS 检测引擎的整数溢出漏洞(CVE-2022-20685)逃逸检测 – Jett


• CVE-2022-22954 VMware Workspace ONE Access SSTI RCE – 先知社区:
https://xz.aliyun.com/t/11196

   ・ CVE-2022-22954 VMware Workspace ONE Access SSTI RCE – lanying37


• CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers:
https://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html

   ・ iOS vouchers 子系统野外被利用漏洞 CVE-2021-1782 的分析 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(04-15)

版权声明:admin 发表于 2022年4月15日 下午12:36。
转载请注明:每日安全动态推送(04-15) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...