最近 ConnectWise ScreenConnect 爆了 2 个漏洞(CVE-2024-1709 和 CVE-2024-1708),其中 CVE-2024-1709 是一个 Authentication Bypass 漏洞,CVSS 评分 10 分。Sophos 安全团队表示,勤劳的攻击者已经在第一时间利用这些漏洞来投递勒索软件。本文简单整理相关信息,作为漏洞案例研究系列的第一篇文章。
Living off the Land (LOTL) involves the abuse of native tools and processes on systems, especially living off the land binaries, often referred to as LOLBins, to blend in with normal system activities and operate discreetly with a lower likelihood of being detected or blocked because these tools are already deployed and trusted in the environment.
Citrix Bleed 漏洞(CVE-2023-4966)相关的几篇参考文档
Empty Search Path (PATH or LD_LIBRARY_PATH) could lead to security vulnerabilities.