Tencent Security Xuanwu Lab Daily News

• How Malware Can Bypass Transparency Consent and Control (CVE-2023-40424):
https://blog.kandji.io/malware-bypass-tcc

   ・ 介绍了macOS Malware 如何利用CVE-2023-40424漏洞 – SecTodayBot

• MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI):
https://www.zerodayinitiative.com/blog/2024/5/23/mindshare-decapping-chips-for-electromagnetic-fault-injection-emfi

   ・ 通过电磁故障注入（EMFI）攻击目标设备，然后介绍了解封装（decapping）的新方法，以尝试攻击并提取软件。  – SecTodayBot

• PoC Releases for Unauthorized RCE Flaw (CVE-2024-29269) Threatens 40K+ Telesquare Routers:
https://securityonline.info/poc-releases-for-unauthorized-rce-flaw-cve-2024-29269-threatens-40k-telesquare-routers/

   ・ 披露了韩国 Telesquare 公司的 TLR-2005KSH LTE 路由器存在 CVE-2024-29269 漏洞，该漏洞允许攻击者远程执行系统命令，可能导致服务器被完全控制。 – SecTodayBot

• Why many pinyin keyboards are vulnerable to eavesdropping:
https://kas.pr/3onz

   ・ 智能手机键盘存在严重的安全漏洞，攻击者可以截取用户的按键输入信息，文章披露了相关的新漏洞信息，并对漏洞根本原因进行了详细分析。  – SecTodayBot

• Attacking .NET:
https://blog.devsecopsguides.com/attacking-dotnet

   ・ 文章深入探讨了攻击.NET应用程序的各种方法，包括对Code Access Security (CAS)和不安全的代码执行等漏洞的详细分析。 – SecTodayBot

• Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry:
https://dlvr.it/T7HnzL

   ・ 一个用于远程从Windows注册表中提取密码哈希和密钥的工具 – SecTodayBot

• Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024:
https://www.imperva.com/blog/frida-jit-unpacker-an-imperva-contribution-to-the-security-research-community-as-presented-at-black-hat-asia-2024/

   ・ 介绍了一种新的工具Frida-JIT-unPacker，它是为了克服特定恶意软件.NET保护而开发的。 – SecTodayBot

• A journey into forgotten Null Session and MS-RPC interfaces:
https://kas.pr/nj9c

   ・ 该文章重点讨论了24年来被遗忘的Null Session漏洞和MS-RPC接口，说明了Microsoft对Null Session能力的限制以及如何绕过策略和限制，以及其对安全研究人员和渗透测试人员的价值。  – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab