每日安全动态推送(5-17)

Tencent Security Xuanwu Lab Daily News

• libcap-2.69 addresses 2 CVEs:

   ・ libcap-2.69 的两个 CVE 漏洞 – 

• Introducing Windows Notification Facility’s (WNF) Code Integrity:

   ・ 介绍 Windows 无公开文档的 WNF 模块 – 

• Prompt injection explained, with video, slides, and a transcript:

   ・ 介绍提示词注入攻击 – 

• CVE-2022-47937: Multiple parsing problems in the Apache Sling Commons JSON module:

   ・ Apache Sling Commons JSON 模块中的多个解析问题 – 

• Malicious Microsoft Teams Invite: NTLM Relay and Drive By Download Attack:

   ・ Microsoft Teams 的邀请链接中存在 NTLM Relay 攻击漏洞 – 

• Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory:

   ・ Linux 内核在批处理请求时，Netfilter nf_tables 中存在 use-after-free 漏洞，可被滥用以在内核内存中执行任意读取和写入 – 

• SysReptor: Pentest Report Creator:

   ・ 渗透测试报告编辑器，可以一键生成报告，自动组织排版 – 

• Security Audit of libcap:

   ・ 针对 Libcap 的安全审计报告 – 

* 查看或搜索历史推送内容请访问：

* 新浪微博账号：腾讯玄武实验室