Tencent Security Xuanwu Lab Daily News

• GHSL-2023-271: Arbitrary command execution in changed-files:
https://securitylab.github.com/advisories/GHSL-2023-271_changed-files/

   ・ GitHub Actions workflow存在命令注入漏洞，攻击者可以利用此漏洞执行任意代码和潜在泄露机密信息。 – SecTodayBot

• Copyright Loan Management System 2024 1.0 SQL Injection:
https://packetstormsecurity.com/files/176531

   ・ 披露了Copyright Loan Management System 2024版本1.0存在的远程SQL注入漏洞，详细分析了漏洞的根本原因，并提供了利用漏洞所需的攻击载荷。 – SecTodayBot

• Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation | Mandiant:
https://www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day

   ・ 该文章揭示了Ivanti Connect Secure VPN存在的两个漏洞CVE-2023-46805和CVE-2024-21887的详细分析和相关利用，以及与UNC5221相关的定点攻击活动。  – SecTodayBot

• Zip Slip Vulnerability:
https://infosecwriteups.com/zip-slip-vulnerability-064d46ca42e5?source=rss----7b722bfd1b8d---4

   ・ 介绍了Zip Slip漏洞，该漏洞涉及到在应用程序内解压缩文件时路径处理不当，可能导致恶意攻击者访问关键系统文件并危害应用程序安全。文章详细分析了漏洞的根本原因，并提供了利用漏洞所需的漏洞利用或概念证明（POC） – SecTodayBot

• CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign:
https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html

   ・ 披露了CVE-2023-36025漏洞的利用及其对Windows Defender SmartScreen的影响，以及对Phemedrone Stealer恶意软件攻击方式的调查分析。 – SecTodayBot

• GHSL-2023-260: Remote command execution (RCE) in Intel Analytics’ BigDL-LLM:
https://securitylab.github.com/advisories/GHSL-2023-260_BigDL-LLM/

   ・ 英特尔分析的BigDL-LLM库存在漏洞，允许攻击者在开发者机器上执行恶意命令。文章详细分析了漏洞的根本原因，并提供了利用漏洞的实证概念。  – SecTodayBot

• ASLRn’t: How memory alignment broke library ASLR:
https://zolutal.github.io/aslrnt/

   ・ 披露了最新的内存对齐漏洞，详细分析了其对ASLR的影响 – SecTodayBot

• VBA: having fun with macros, overwritten pointers & R/W/X memory |:
https://adepts.of0x.cc/VBA-hijack-pointers-rwa/

   ・ 介绍了在VBA宏中运行shellcode的新方法，涉及了内存操作和漏洞利用 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab