• The macOS NSServices vulnerability that allowed to bypass TCC:
https://moonlock.com/nsservices-macos
・ A macOS NSServices vulnerability that allows bypassing TCC, giving an attacker access to protected user files
– SecTodayBot
• A still unpatched zero-day RCE impacts more than 3.5M Exim servers:
https://securityaffairs.com/151693/hacking/cve-2023-42115-exim-mail-transfer.html
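・ Trend Micro's Zero Day Initiative (ZDI) published a vulnerability disclosure for a remote code execution flaw in the SMTP service that allows remote attackers to execute arbitrary code on affected Exim installations. Exploiting this vulnerability does not require authentication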
– SecTodayBot
• Malicious ad served inside Bing's AI chatbot:
https://www.malwarebytes.com/blog/threat-intelligence/2023/09/malicious-ad-served-inside-bing-ai-chatbot
・ Malvertising delivered through Bing's AI chatbot
– SecTodayBot
• Introducing: Raspberry Pi 5! - Raspberry Pi:
https://www.raspberrypi.com/news/introducing-raspberry-pi-5/
・ Raspberry Pi 5 will launch at the end of October. The 4GB model is priced at $60 and the 8GB model at $80
– SecTodayBot
• FortiGuard Labs Uncovers Series of Malicious NPM Packages Stealing Data:
https://www.hackread.com/fortiguard-labs-malicious-npm-packages-steal-data/
・ FortiGuard Labs discovered a series of malicious NPM packages hidden in NPM (Node Package Manager), the main software repository for JavaScript developers
– SecTodayBot
• Delaying Kernel Payloads by Hijacking KTIMERs & KDPCs (Part 2):
https://gerr.re/posts/ktimer-hijack-pt2
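・ KTIMER hijacking is a novel post-exploitation technique that delays the execution of kernel-mode payloads in a PoC||GTF context, based on Windows 11 timer internals and deferred procedure calls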
– SecTodayBot
• Cloudflare Protection Bypass Vulnerability on Threat Actors' Radar:
https://socradar.io/cloudflare-protection-bypass-vulnerability-on-threat-actors-radar/
・ A Cloudflare protection bypass vulnerability on threat actors' radar
– SecTodayBot
• Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection:
https://thehackernews.com/2023/10/researcher-reveal-new-technique-to.html
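・ Certitude researcher Stefan Proksch found, in a report Certitude published last week, that Cloudflare's protections can be circumvented by exploiting flaws in cross-tenant security controls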
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab