每日攻防资讯简报[Dec.2th]

1.iOS未经身份验证的内核内存损坏漏洞，该漏洞导致无线电邻近的所有iOS设备重新启动，而无需用户交互

https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html

2.iOS 1Day狩猎：了解和探索iOS内核内存泄漏漏洞（CVE-2020-27950）

https://www.synacktiv.com/publications/ios-1-day-hunting-uncovering-and-exploiting-cve-2020-27950-kernel-memory-leak.html

3.开源健康记录管理软件OpenClinic的四个漏洞，其中最严重的漏洞是未经身份验证的攻击者可以从该应用程序读取患者PHI

https://labs.bishopfox.com/advisories/openclinic-version-0.8.2

4.WebKit的多个漏洞

https://blog.talosintelligence.com/2020/11/vuln-spotlight-webkit-use-after-free-nov-2020.html

1.在npm注册表中发现了新的Bladabindi木马

https://blog.sonatype.com/bladabindi-njrat-rat-in-jdb.js-npm-malware

2.被认为与APT组织海莲花有关的macOS后门

https://www.trendmicro.com/en_us/research/20/k/new-macos-backdoor-connected-to-oceanlotus-surfaces.html

3.如何检测实现了免杀的恶意软件

https://securityboulevard.com/2020/12/how-to-spot-razy-malware-undetected-by-av-systems/

4.黑客组织使用挖矿技术躲避检测

https://www.microsoft.com/security/blog/2020/11/30/threat-actor-leverages-coin-miner-techniques-to-stay-under-the-radar-heres-how-to-spot-them/

1.online-opsec：供一般人使用的在上网时保持安全、隐私的威胁模型和工具

https://github.com/devbret/online-opsec

2.Damn-Vulnerable-WooCommerce-Plugins：为多个WooCommerce插件漏洞准备的Docker环境

https://github.com/parzel/Damn-Vulnerable-WooCommerce-Plugins

3.pyOracle2：Python编写的Padding Oracle工具

https://github.com/liquidsec/pyOracle2

https://blog.liquidsec.net/2020/11/30/introducing-pyoracle2/

4.Micro Focus Operations Bridge Manager的多个RCE漏洞

https://github.com/pedrib/PoC/blob/master/advisories/Micro_Focus/Micro_Focus_OBM.md