Daily Security News Push (3-4)
2024-3-4 14:40:35 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• New Malicious PyPI Packages used by Lazarus - JPCERT/CC Eyes:
https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html

   ・ A detailed analysis of the malicious Python packages published by Lazarus – SecTodayBot

• WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting:
https://packetstormsecurity.com/files/177361

   ・ Discloses a persistent cross-site scripting vulnerability in the WordPress IDonate plugin, versions 1.8.1 and below, and provides a PoC that exploits it. – SecTodayBot

• Notepad.exe Will Snitch On You (full coding project):
https://www.youtube.com/watch?v=zSSBbv2fc2s

   ・ Mentions the security risks that Notepad.exe may pose – SecTodayBot

• SMM isolation - SMI deprivileging (ISRD):
https://tandasat.github.io/blog/2024/02/29/ISRD.html

   ・ An in-depth analysis of the inner workings of System Management Mode (SMM) isolation on Intel platforms, focusing on Intel System Resources Defense (ISRD) and SMI deprivileging. – SecTodayBot

• Mail in the Middle – A tool to automate spear phishing campaigns:
https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/

   ・ Introduces a new security tool called Mail-in-the-Middle (Maitm), used to intercept and tamper with email – SecTodayBot

• Re: CVE-2024-22857: Heap Based Buffer overflow in zlog library:
https://seclists.org/oss-sec/2024/q1/179

   ・ Describes a new vulnerability in the zlog library (CVE-2024-22857) – SecTodayBot

• DOM Clobbering Wiki:
https://domclob.xyz/domc_wiki/techniques/

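   ・ Introduces the DOM Clobbering attack technique and discusses how attackers can manipulate the values of security-sensitive variables and built-in browser APIs. – SecTodayBot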

• How to Track Realtime Location of ANY Telegram User — 2 Methods:
https://x-it.medium.com/how-to-track-realtime-location-of-any-telegram-user-2-methods-ec09d873b839

   ・ Describes two methods for tracking the real-time location of Telegram users – SecTodayBot

• Remote Code Execution in Apache Dolphinscheduler (CVE-2023-49109) - Xianzhi Community:
https://xz.aliyun.com/t/13913?time__1311=mqmxnQ0%3D3eqQqGNDQiFbFD9Q7fCKAKx

   ・ An analysis of the remote code execution vulnerability in Apache Dolphinscheduler (CVE-2023-49109) – lanying37

• VoltSchemer: attacks on wireless chargers through the power supply | Kaspersky official blog:
https://kas.pr/a192

   ・ Describes research by researchers from the University of Florida on attacks carried out using Qi wireless chargers – SecTodayBot

• Read In This Article:
https://hadess.io/web-llm-attacks/

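   ・ The article focuses on the security challenges and defense strategies that come with LLM integration, covering vulnerabilities such as insecure output handling, prompt injection, and training data poisoning. – SecTodayBot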

* To view or search previously pushed content, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959543&idx=1&sn=c372f489d6f679b18bfbb1bb2f3fde3a&chksm=8baed068bcd9597ee9fffb2204f79febd268391b6653cdc3fcbfd5189717198824b02846ef9d&scene=58&subscene=0#rd