Daily Security News Push (7-17)
2024-7-17 16:44:53 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• Kdrill: Python tool to check rootkits in Windows kernel:
https://meterpreter.org/kdrill-python-tool-to-check-rootkits-in-windows-kernel/

   ・ Kdrill is a tool for analyzing the Windows kernel that can detect whether the kernel has been rootkitted – SecTodayBot

• CVE-2024-31411: Apache StreamPipes: Potential remote code execution (RCE) via file upload:
https://seclists.org/oss-sec/2024/q3/80

   ・ RCE vulnerability in Apache StreamPark – SecTodayBot

• APKscan: Scan for secrets, endpoints, and other sensitive data in Android files:
https://meterpreter.org/apkscan-scan-for-secrets-endpoints-and-other-sensitive-data-in-android-files/

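   ・ APKscan is a tool for scanning and identifying sensitive data and vulnerabilities in Android files. It offers flexible features such as custom rules and multiple output formats, works with a wide range of Android-related files, and touches on reverse engineering and analysis of application security mechanisms. – SecTodayBot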

• Hollow Process Injection:
https://www.darkrelay.com/post/demystifying-hollow-process-injection

   ・ Introduces the technical principles of hollow process injection and how it is used – SecTodayBot

• Security's Achilles' Heel: Vulnerable Drivers on the Prowl:
https://www.securityjoes.com/post/security-s-achilles-heel-vulnerable-drivers-on-the-prowl

   ・ Introduces the use of the BYOVD (Bring Your Own Vulnerable Driver) technique – SecTodayBot

• MSI’s Massive Security Breach: 600K+ Warranties Exposed:
https://securityonline.info/msis-massive-security-breach-600k-warranties-exposed/

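   ・ Motherboard manufacturers MSI and Zotac failed to configure server permissions correctly, causing a large-scale security breach that leaked the details of more than 600,000 users – SecTodayBot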

• Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent:
https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/

   ・ Unauthenticated SSRF vulnerability in the Havoc C2 teamserver – SecTodayBot

• Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example:
https://github.com/otsmr/blackbox-fuzzing

   ・ Black-box fuzzing of the TL-WR902AC router – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室
https://weibo.com/xuanwulab


Source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959739&idx=1&sn=cc4ef482b7f10d188cd93259260ed0dd&chksm=8baed124bcd95832b869af5f2bb50f1c98861b4abe857602a9c204b83975d765cceb14c52b88&scene=58&subscene=0#rd