Tencent Security Xuanwu Lab Daily News

• Terrapin vulnerability in Jenkins CLI client:
https://seclists.org/oss-sec/2024/q2/136

   ・ 介绍了Jenkins CLI客户端中的Terrapin漏洞 – SecTodayBot

• SoumniBot: the new Android banker’s unique techniques:
https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/

   ・ Android恶意软件SoumniBot采用非常规方法规避分析和检测，通过篡改Android清单文件等技术，成功规避安卓系统的检测机制。 – SecTodayBot

• Fake Dialog Boxes to Make Malware More Convincing:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-dialog-boxes-to-make-malware-more-convincing/

   ・ 探讨了SpiderLabs在红队参与过程中如何将用户提示（特别是Windows对话框）纳入其恶意软件加载程序，以使钓鱼目标更容易相信。 – SecTodayBot

• Passbolt: a bold use of HaveIBeenPwned:
http://blog.quarkslab.com/passbolt-a-bold-use-of-haveibeenpwned.html

   ・ Pwned Passwords service与Passbolt是本文的重点内容，介绍了使用Pwned Passwords API来提醒用户密码是否存在于以前的数据泄露中，以及Passbolt作为开源密码管理器的应用。 – SecTodayBot

• CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability:
https://www.thezdi.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability

   ・ Microsoft Windows中Libarchive远程代码执行漏洞CVE-2024-20697 – SecTodayBot

• CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used:
https://seclists.org/oss-sec/2024/q2/138

   ・ Apache Airflow存在一处漏洞，允许经过身份验证的用户在\"configuration\" UI页面上查看敏感提供者配置 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号： 腾讯玄武实验室
https://weibo.com/xuanwulab