每日安全动态推送(7-30)

每日安全动态推送(7-30)
2024-7-30 13:54:56 Author: mp.weixin.qq.com(查看原文) 阅读量:1 收藏

Tencent Security Xuanwu Lab Daily News

• ESXi Security-hardening | change the default “ESX Admins” AD group:
https://mosnotes.com/2018/12/05/esxi-security-hardening-change-the-default-esx-admins-ad-group/

・通过更改默认AD组来保护ESXi主机的新方法，使用了GUI和PowerCLi – SecTodayBot

• Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard Labs:
https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed

・分析了Microsoft Windows SmartScreen中的安全绕过漏洞CVE-2024-21412以及黑客利用该漏洞的攻击技术 – SecTodayBot

• VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns:
https://blog.rapid7.com/2024/07/30/vmware-esxi-cve-2024-37085-targeted-in-ransomware-campaigns/

・微软关于影响 VMware ESXi hypervisors 的 CVE-2024-37085 漏洞的威胁情报，包括漏洞的详细分析、利用方法和缓解指南。 – SecTodayBot

• Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails:
https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html

・一起利用电子邮件路由错误配置进行网络钓鱼的新型威胁，揭示了Proofpoint服务器漏洞的详细分析和根本原因。 – SecTodayBot

• ImageMagick AppImage Vulnerability Opens Door to Arbitrary Code Execution:
https://securityonline.info/imagemagick-appimage-vulnerability-opens-door-to-arbitrary-code-execution/

・ ImageMagick的AppImage版本存在漏洞，可能导致远程代码执行 – SecTodayBot

• Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port:
https://posts.specterops.io/hands-in-the-cookie-jar-dumping-cookies-with-chromiums-remote-debugger-port-34c4f468844e

・一种从Chromium浏览器中窃取Cookie的技术，通过启动Chrome的远程调试端口绕过加密以及利用Chrome解密Cookie。 – SecTodayBot

• RADIUS Protocol Vulnerability Impacted Multiple Cisco Products:
https://cybersecuritynews.com/radius-protocol-vulnerability-cisco/

・披露了RADIUS协议的关键漏洞，影响到思科等多个知名软件产品 – SecTodayBot

• Unveiling the latest banking trojan threats in LATAM:
https://securityintelligence.com/posts/unveiling-latest-banking-trojan-threats-latam/

・ IBM Security Lab在拉丁美洲地区观察到的恶意Chrome扩展相关的活动激增，以及CyberCartel团伙利用Web注入和浏览器中间人攻击等先进技术，针对拉丁美洲金融机构的攻击手法进行了详细分析。 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959745&idx=1&sn=17718cec5e416a8ed0a92a93bd3f3ffb&chksm=8baed15ebcd95848b2955518ea6b07115a26501a3e891cae15fc6500a267516e9db0a4133b14&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh