Aggregator

2024-07-17 安全「信息差」每天快人一步 1. 推送「新、

针对一个有意思的钓鱼免杀样本的详细分析

We check the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024–6387 in x64 systems.

Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates.

Background

On July 16, Oracle released its Critical Patch Update (CPU) for July 2024, the third quarterly update of the year. This CPU contains fixes for 175 CVEs in 386 security updates across 29 Oracle product families. Out of the 386 security updates published this quarter, 6.7% of patches were assigned a critical severity. Medium severity patches accounted for the bulk of security patches at 45.9%, followed by high severity patches at 45.1%.

This quarter’s update includes 26 critical patches across 15 CVEs.

SeverityIssues PatchedCVEsCritical2615High17460Medium17791Low99Total386175Analysis

This quarter, the Oracle Commerce product family contained the highest number of patches at 95, accounting for 24.6% of the total patches, followed by Oracle E-Business Suite at 60 patches, which accounted for 15.6% of the total patches.

A full breakdown of the patches for this quarter can be seen in the following table, which also includes a count of vulnerabilities that can be exploited over a network without authentication.

Oracle Product FamilyNumber of PatchesRemote Exploit without AuthenticationOracle Commerce9584Oracle E-Business Suite6044Oracle Enterprise Manager4132Oracle Java SE3711Oracle TimesTen In-Memory Database2014Oracle Financial Services Applications1712Oracle PeopleSoft1211Oracle JD Edwards113Oracle Communications102Oracle HealthCare Applications107Oracle Database Server83Oracle Insurance Applications86Oracle REST Data Services77Oracle Hyperion77Oracle Retail Applications75Oracle Construction and Engineering55Oracle Fusion Middleware52Oracle MySQL54Oracle Communications Applications42Oracle Analytics30Oracle Systems30Oracle Big Data Spatial and Graph20Oracle Siebel CRM21Oracle Supply Chain22Oracle Application Express11Oracle Essbase11Oracle GoldenGate11Oracle Graph Server and Client11Oracle NoSQL Database10Solution

Customers are advised to apply all relevant patches in this quarter’s CPU. Please refer to the July 2024 advisory for full details.

Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities will appear here as they’re released. This link uses a search filter to ensure that all matching plugin coverage will appear as it is released.

Get more information

• Oracle Critical Patch Update Advisory - July 2024
• Oracle July 2024 Critical Patch Update Risk Matrices
• Oracle Advisory to CVE Map

Join Tenable's Security Response Team on the Tenable Community.

Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

在上一篇中，找到了研发安全的切入点，按照常规思路就应该想出对应的解决之道。本文将深入“架构-编码-配置 + 应急响应”，针对漏洞生产源，提出治理的实践方法及经验。

全国仅5个！威努特漏洞挖掘能力再获国家级认可

Learn how to fuzz JSON to find security vulnerabilities in the APIs you are hacking with the help of a custom wordlist and Param Miner.

The post Fuzzing JSON to find API security flaws appeared first on Dana Epp's Blog.

Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to [...]

Read More... from Cobalt Strike 4.10: Through the BeaconGate

The post Cobalt Strike 4.10: Through the BeaconGate appeared first on Cobalt Strike.

又踩坑了

情报分析方式

我叫乔纳森·威利斯。我就是那张著名的照片中的警官，照片上有两名狙击手在特朗普集会的屋顶上。我来这里是想告诉公众，我已经瞄准了刺客至少 3 分钟，但特勤局局长拒绝下令干掉罪犯。在刺客向特朗普总统开枪之前，高层 100% 阻止了我杀死他。

Cloudflare is adding support for end-to-end private traffic flows to our local traffic management (LTM) load balancing solution, and allowing for the replacement of hardware load balancers

Government directed shutdowns and cable cuts were both significant sources of Internet outages in Q2 2024. This post explores these disruptions, as well as others caused by power outages, maintenance, technical problems, military action, and unknown causes