每日安全动态推送(9-12)

Tencent Security Xuanwu Lab Daily News

• Warcodes II – The Desko Case:
https://labs.ioactive.com/2020/12/warcodes-ii-desko-case.html

   ・ Warcodes II – Desko 案例 – 针对工业条码阅读器的新型攻击向量，攻击 DESKO 的 BCR/BGR504 Pro 阅读器  – SecTodayBot

• WiKI-Eve – Stealing Wi-Fi Passwords by Eavesdropping on Keystrokes:
https://cybersecuritynews.com/wiki-eve-wi-fi-passwords/

   ・ WiKI-Eve，通过keystrokes窃取WI-FI密码。为了展示 wiki-eve 的实用性，他们在 5m*8m 的会议室中使用 iPhone 13 进行了实际实验  – SecTodayBot

• GitHub – raminfp/fuzzer-development-with-rust: Write fuzzer with rust:
https://github.com/raminfp/fuzzer-development-with-rust

   ・ Fuzzer Development With Rust (Basic) – 介绍模糊测试工具和使用 Rust 进行模糊测试开发 – SecTodayBot

• Knocking on Hell’s Gate – EDR Evasion Through Direct Syscalls:
https://labs.en1gma.co/malwaredevelopment/evasion/security/2023/08/14/syscalls.html

   ・ 利用系统调用进行EDR规避 – SecTodayBot

• CVE-2023-3959, CVE-2023-4249 – Multiple critical vulnerabilities in Zavio IP cameras:
https://bugprove.com/knowledge-hub/cve-2023-3959-cve-2023-4249-multiple-critical-vulnerabilities-in-zavio-ip-cameras/

   ・ BugProve 共享 34 个 Zavio IP cameras的利用脚本，其中 7 个是 preauth RCE，其余的是 postauth BoF – SecTodayBot

• Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play:
https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html

   ・ Google Play 商店中发现了伪装成 Telegram 修改版的间谍软件，该软件旨在从受感染的 Android 设备中获取敏感信息。俄罗斯网络安全公司将该活动代号为“邪恶电报”  – SecTodayBot

• Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones:
https://thehackernews.com/2023/09/apple-rushes-to-patch-zero-day-flaws.html

   ・ Apple 发布了针对 iOS、iPadOS、macOS、watchOS 的紧急安全更新，以解决两个零日漏洞，这些漏洞已被广泛利用来发动 NSO Group 的 Pegasus 雇佣兵间谍战  – SecTodayBot

• CatSniffer: original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT devices:
https://securityonline.info/catsniffer-original-multiprotocol-and-multiband-board-made-for-sniffing-communicating-and-attacking-iot-devices/

   ・ CatSniffer () 是一款原创的多协议、多频段板，用于嗅探、通信和攻击物联网设备。它被设计为高度便携的 USB 棒，集成了新芯片 TI CC1352、Semtech SX1262、Microchip SAMD21E17 V2 或更高版本以及 RP2040 V3 或更高版本  – SecTodayBot

• CVE-2023-4809: FreeBSD pf bypass when using IPv6:
https://seclists.org/oss-sec/2023/q3/168

   ・ 利用 IPv6 绕过 FreeBSD pf，通过启用清理和重组 ipv6 片段绕过防火墙规则 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(9-12)