每日安全动态推送(6-14)
2024-6-14 15:0:33 Author: mp.weixin.qq.com(查看原文) 阅读量:3 收藏
Tencent Security Xuanwu Lab Daily News

• Introducing YetiHunter: An open-source tool to detect and hunt for suspicious activity in Snowflake:
https://permiso.io/blog/introducing-yetihunter-an-open-source-tool-to-detect-and-hunt-for-suspicious-activity-in-snowflake

   ・ YetiHunter是一款用于检测和追踪Snowflake中可疑活动的开源工具,提供了Snowflake受到攻击的详细分析和介绍 – SecTodayBot

• FortiOS Vulnerability Let Attackers Execute Unauthorized Commands:
https://cybersecuritynews.com/fortios-vulnerability-unauthorized-commands/

   ・ 披露了FortiOS命令行解释器中的多个基于堆栈的缓冲区溢出漏洞(CVE-2024-23110) – SecTodayBot

• Driving forward in Android drivers:
https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html

   ・ 讨论了对安卓设备驱动程序的安全研究,重点探讨了发现和研究这些驱动程序的新方法。 – SecTodayBot

• ChatGPT Account Takeover - Wildcard Web Cache Deception:
https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html

   ・ 介绍了一种新的利用路径遍历URL解析混淆来实现“通配符”缓存欺骗漏洞的方法,揭示了ChatGPT中的新漏洞 – SecTodayBot

• Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution:
https://packetstormsecurity.com/files/179083

   ・ Rejetto HTTP File Server (HFS) version 2.x存在未经身份验证的服务器端模板注入(SSTI)漏洞,攻击者可以利用该漏洞执行代码并以运行HFS.exe服务器进程的用户帐户权限运行。 – SecTodayBot

• What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 2):
https://labs.jumpsec.com/whats-in-a-name-writing-custom-dns-tunnelling-protocol-exploiting-unexpected-aws-lambda-misconfiguration-in-a-web-app-pen-test-part-2/

   ・ 在网络应用渗透测试中利用AWS Lambda功能进行远程代码执行和数据泄露的过程。 – SecTodayBot

• 2/6 | Exposing Malicious Extensions: Shocking Statistics from the VS Code Marketplace:
https://medium.com/@amitassaraf/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f

   ・ VSCode扩展市场存在大量恶意和高风险的扩展,其中一些包含已知的恶意依赖项,尝试读取主机系统上的文件,与硬编码的IP地址通信,运行未知的可执行文件或DLL,并包含硬编码的秘密信息。 – SecTodayBot

• oss-security - Re: Security vulnerability in fprintd:
https://www.openwall.com/lists/oss-security/2024/06/13/2

   ・ 介绍了fprintd软件中的安全漏洞,详细分析了漏洞的根本原因,讨论了与sudo的PAM模块交互以及潜在的安全问题。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959693&idx=1&sn=6a43edfca0da62c720b1d9ee83eb7963&chksm=8baed112bcd958045fee92b929e0a9b2221b90111c129d0c7a7cc2085d166fff533a81e394c2&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh