每日安全动态推送(6-21)

文章预览

Tencent Security Xuanwu Lab Daily News •  Hackers Using Weaponized Word Documents In QR Code Phishing Attacks: https://cybersecuritynews.com/weaponized-documents-qr-code-phishing/    ・   黑客滥用武器化的Word文档和研究人员发现的QR码钓鱼攻击。文章详细描述了钓鱼攻击的增加以及黑客利用恶意QR码窃取金融信息的实例  –  SecTodayBot •  Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects: https://github.blog/2024-06-20-execute-commands-by-sending-json-learn-how-unsafe-deserialization-vulnerabilities-work-in-ruby-projects/    ・   对Ruby项目中的不安全反序列化漏洞进行检测和理解的新方法，包括了对漏洞工作原理的详细分析以及如何利用的示例。  –  SecTodayBot •  BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!: https://dlvr.it/ ………………………………