每日安全动态推送(9-6)

文摘   科技   2024-09-06 14:53   北京  
Tencent Security Xuanwu Lab Daily News

• Zero Day Initiative — Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty:
https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty

   ・ 披露了关于Microsoft Exchange的新漏洞信息,包括CVE-2022-41040、CVE-2022-41082、CVE-2023-21529和CVE-2023-32031,详细分析了漏洞的根本原因,并介绍了漏洞的利用和对微软补丁的绕过。 – SecTodayBot


• CVE-2024-20017 (CVSS 9.8): Zero-Click Exploit Discovered in Popular Wi-Fi Chipsets, PoC Published:
https://securityonline.info/cve-2024-20017-cvss-9-8-zero-click-exploit-discovered-in-popular-wi-fi-chipsets-poc-published/

   ・ 关于流行Wi-Fi芯片组中的关键漏洞CVE-2024-20017的详细信息,包括漏洞的根本原因和潜在的远程代码执行。 – SecTodayBot


• Amoco: tool for analysing binaries:
https://meterpreter.org/amoco-tool-for-analysing-binaries/

   ・ Amoco是一个用于分析二进制文件的Python包,提供了用于解码指令、符号代数模块、通用执行模型、反汇编技术等功能。该 – SecTodayBot


• What would you do with that old GPU?:
https://blog.trailofbits.com/2024/09/05/what-would-you-do-with-that-old-gpu/

   ・ 介绍了如何利用旧的GPU解决计算机安全和程序分析问题,提出了多种实际可行的概念 – SecTodayBot


• RAMBO Attack Steals Data From Air-gapped Systems:
https://cybersecuritynews.com/rambo-attack-air-gapped-systems/

   ・ 一种新的针对空隙网络的隐蔽信道攻击,利用内存操作在孤立计算机中窃取敏感数据。攻击者可以通过操纵内存相关指令,在从内存总线发射的电磁波上对信息进行编码和调制,然后附近的接收器可以拦截、解调和解码传输的数据,从而泄露各种类型的信息。  – SecTodayBot


• Google fixed actively exploited Android flaw CVE-2024-32896:
https://securityaffairs.com/168047/mobile-2/google-fixed-actively-exploited-android-flaw-cve-2024-32896.html

   ・ 介绍了Google在其Android操作系统中解决了一个高危漏洞CVE-2024-32896的情况。漏洞涉及特定组件的权限提升,可能导致特权升级,并且需要用户交互才能利用 – SecTodayBot


• Windows Wi-Fi Driver RCE Vulnerability – CVE-2024-30078:
https://www.crowdfense.com/windows-wi-fi-driver-rce-vulnerability-cve-2024-30078/

   ・ 分析了Windows Wi-Fi驱动程序的漏洞CVE-2024-30078 – SecTodayBot


• Warning: CVE-2024-20469 in Cisco ISE with PoC Code Puts Networks at Risk:
https://securityonline.info/warning-cve-2024-20469-in-cisco-ise-with-poc-code-puts-networks-at-risk/

   ・ Cisco ISE存在CVE-2024-20469漏洞,该漏洞允许具有有效管理员权限的攻击者进行命令注入攻击,获得系统的root级访问权限。 – SecTodayBot


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


腾讯玄武实验室
腾讯玄武实验室官方微信公众号
 最新文章