Tencent Security Xuanwu Lab Daily News

• CVE-2023-50968: Apache OFBiz: Arbitrary file properties reading and SSRF attack:
https://seclists.org/oss-sec/2023/q4/336

   ・ Apache OFBiz任意文件属性读取漏洞及SSRF攻击 – SecTodayBot

• v8windbg:
https://chromium.googlesource.com/v8/v8/+/refs/heads/main/tools/v8windbg/

   ・ 一个针对V8引擎的WinDbg扩展工具，主要内容是讨论新的调试和检查V8对象的方法或工具 – SecTodayBot

• CVE-2023-51385, CVE-2023-6004: OpenSSH, libssh: Security weakness in ProxyCommand handling:
https://seclists.org/oss-sec/2023/q4/338

   ・ OpenSSH和libssh在ProxyCommand处理中的安全弱点 – SecTodayBot

• OS Command Injection in cPH2 Charging Station <2.0.0 (CVE-2023-46359 and CVE-2023-46360):
https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/

   ・ cPH2充电站中的OS命令注入漏洞 – SecTodayBot

• Security vulnerability in Debian's cpio 2.13:
https://seclists.org/oss-sec/2023/q4/308

   ・ 介绍了Debian的cpio 2.13中存在的安全漏洞，详细分析了应用的补丁导致的问题 – SecTodayBot

• Sigma rules for Linux and MacOS:
https://blog.virustotal.com/2023/12/sigma-rules-for-linux-and-macos_20.html

   ・ Sigma规则匹配macOS和Linux二进制文件的可疑活动 – SecTodayBot

• Linpmem - A Physical Memory Acquisition Tool For Linux:
http://dlvr.it/T0RHKd

   ・ 用于Linux的物理内存采集工具，提供了API用于读取任何物理地址，包括保留内存和内存空洞，同时也可用于正常内存转储。 – SecTodayBot

• Rule Sets:
https://yarahq.github.io/

   ・ YARA Forge是一个用于自动化YARA规则的获取、标准化和优化的工具，它提供了一种简单的解决方案，可以从广泛的社区基础中获取一致且有效的YARA规则集。 – SecTodayBot

• What is CVE-2023-42793?:
https://www.prio-n.com/blog/cve-2023-42793-attacking-defending-JetBrains-TeamCity

   ・ 介绍了CVE-2023-42793的认证绕过漏洞，可导致JetBrains TeamCity Server的远程代码执行。 – SecTodayBot

• Threat Hunting Pids Within Apple's Endpoint Security API:
https://themittenmac.com/threat-hunting-pids-within-apples-es-api/

   ・ 介绍了关于Apple终端安全API中的威胁狩猎和进程ID的内容，重点讨论了如何使用这些可用的进程ID来创建有用的工具，帮助进行动态恶意软件分析、威胁狩猎和系统内部调查。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab