Daily Security News Push (3-28)
2024-3-28 11:43:51 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Frida on Java applications and applets in 2024:
https://security.humanativaspa.it/frida-on-java-applets-in-2024/

   ・ Instrumenting Java applications with Frida – WireFish

• Hiding in Plain Sight: How Subdomain Attacks Use Your Email Authentication Against You:
https://feedpress.me/link/23532/16631862/hiding-in-plain-sight-how-subdomain-attacks-use-your-email-authentication-against-you

   ・ Describes how the SubdoMailing attack campaign exploited a vulnerability in DMARC – SecTodayBot

• CVE-2024-1933: TeamViewer Bug Exposes macOS Users: Update Immediately!:
https://securityonline.info/cve-2024-1933-teamviewer-bug-exposes-macos-users-update-immediately/

   ・ A vulnerability exists in the TeamViewer software – SecTodayBot

• Address Sanitizer for Bare-metal Firmware:
https://security.googleblog.com/2024/03/address-sanitizer-for-bare-metal.html

   ・ Introduces ASan on bare-metal firmware – WireFish

• BlueDucky automates exploitation of Bluetooth pairing vulnerability that leads to 0-click code execution:
https://www.mobile-hacker.com/2024/03/26/blueducky-automates-exploitation-of-bluetooth-pairing-vulnerability-that-leads-to-0-click-code-execution/

   ・ A Bluetooth pairing vulnerability on Android and Linux that can lead to 0-click code execution – WireFish

• Securing the LLM Stack:
https://feedpress.me/link/23532/16632169/securing-the-llm-stack

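   ・ On the importance of securing AI systems and the LLM technology stack in cybersecurity, with particular discussion of AI models, LLM implementation, and security methodologies. – SecTodayBot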

• [PDF] https://fuzzing.io/Presentations/The%20DL%20on%20LLM%20Code%20Analysis%20-%20CanSecWest24%20-%20rjohnson.pdf:
https://fuzzing.io/Presentations/The%20DL%20on%20LLM%20Code%20Analysis%20-%20CanSecWest24%20-%20rjohnson.pdf

   ・ The talk covers applications of LLMs in the security field, including decompilation, fuzzing, and more – WireFish

• ShadowRay: First Known Attack Campaign Targeting AI Workloads Exploited In The Wild:
https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild

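   ・ Reports on attacks exploiting a vulnerability in the Ray open-source AI framework and the exploitation of that vulnerability in AI workloads. The article analyzes the root cause of the vulnerability in detail and reveals the disputed CVE and its exploitation in the wild. – SecTodayBot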

• Introduction:
https://github.com/k1nd0ne/VolWeb

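   ・ VolWeb is a digital forensics memory analysis platform that aims to improve the efficiency of memory collection and forensic analysis, and supports investigation and incident response by providing a centralized, visual, and enhanced web application. – SecTodayBot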

• Local Privilege Escalating my way to root through Apple macOS filesystems:
https://www.alter-solutions.fr/blog/local-privilege-escalating-my-way-to-root-throught-apple-macos-filesystems

   ・ macOS has the vulnerability CVE-2023-42931, which achieves privilege escalation by bypassing System Integrity Protection (SIP) – SecTodayBot

• CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published:
https://securityonline.info/cve-2024-20767-critical-adobe-coldfusion-flaw-exposes-sensitive-files-poc-published/

   ・ Adobe ColdFusion has a critical vulnerability (CVE-2024-20767) that may lead to disclosure of confidential information and system compromise – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959578&idx=1&sn=a9948b6cdca6df8292b46a7a527ba6e7&chksm=8baed185bcd95893b28be2a163354427a5d202d9cc287a8114d8899173d6e15bb724e2ef7613&scene=58&subscene=0#rd