Tencent Security Xuanwu Lab Daily News

• PySQLRecon - Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon:
http://dlvr.it/T0M9n6

   ・ 用Python编写的MSSQL攻击工具包，可以用于进行数据库渗透测试。 – SecTodayBot

• Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 2:
https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-two

   ・ 介绍了如何利用Outlook中的一个漏洞来实现远程代码执行，并详细分析了Windows系统中音频文件解析的漏洞和攻击面。 – SecTodayBot

• A detailed analysis of the Menorah malware used by APT34:
https://securityscorecard.com/research/menorah-malware-apt34/

   ・ 详细分析了Menorah恶意软件的运行机制和行为特征，包括创建互斥体以确保单一运行实例、提取主机名和用户名并计算识别感染机器的哈希值、实施各种命令操作等。 – SecTodayBot

• Decoding the Web Injection Malware Campaign of 2023:
https://securityonline.info/decoding-the-web-injection-malware-campaign-of-2023/

   ・ 深入解析了2023年的网络注入恶意软件攻击活动 – SecTodayBot

• Windows CLFS and five exploits used by ransomware operators:
https://securelist.com/windows-clfs-exploits-ransomware/111560/

   ・ Windows系统中的Common Log File System (CLFS)存在的两个漏洞(CVE-2022-35803和CVE-2022-37969)，并对漏洞的根本原因和利用方法进行了详细分析。 – SecTodayBot

• Shedding light on Fighting Ursa.:
https://bit.ly/46ZPo9W

   ・ Palo Alto Networks Unit 42关于Fighting Ursa（又名APT28）的最新威胁情报研究，揭示了他们如何利用Microsoft Outlook漏洞（CVE-2023-23397）进行攻击 – SecTodayBot

• Mayhem: Targeted Corruption of Register and Stack Variables:
https://seclists.org/oss-sec/2023/q4/309

   ・ 介绍了一项可能影响安全代码执行流程的潜在漏洞，以及相关软件的潜在脆弱性 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab