腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] The Ghost Dragon (APT group) https://blog.cylance.com/the-ghost-dragon
"Ghost Dragon APT 组织,主要攻击目标为中国和俄罗斯。来自 Cylance 的分析: https://t.co/tAJiJLMdCE"
-
[ Attack ] Possible Jenkins Project Infrastructure Compromise https://jenkins.io/blog/2016/04/22/possible-infra-compromise/
"Jenkins 项目基础设施可能被黑, 官方 Blog: https://t.co/y1wzndcVuT"
-
[ Conference ] Here's the slides (with speaker notes) from my #gocon talk. #golang http://dave.cheney.net/paste/gocon-spring-2016.pdf https://t.co/IwITZaapuW
"如何正确地处理 Go 程序中的错误, 来自 GoCon 会议: https://t.co/GGPr7HJZYR https://t.co/IwITZaapuW"
-
[ Detect ] Hunting Threats - [Blog Post] http://subt0x10.blogspot.com/2016/04/hunting-threats-regsvr32exe-example.html Feedback Welcome.
"以 regsvr32.exe 为例谈威胁检测: https://t.co/pL4NaKxulu 作者在 ThreatHunting 峰会上的演讲 《像实战一样训练》: http://files.sans.org/summit/Threat_Hunting_Incident_Response_Summit_2016/PDFs/Train-Like-You-Fight-Casey-Smith-FirstBank.pdf "
-
[ Hardware ] Talkng #SS7: hr's @ sidnext2none's cool @ WEareTROOPERS "The known unknowns of SS7 and beyond" https://www.ernw.de/download/TSD2016_Known_Unknowns_of_SS7.pdf https://t.co/u8sXd1apek
"关于 SS7,那些我们不知道的事儿: https://t.co/2BCGFGGkh6 https://t.co/u8sXd1apek"
-
[ iOS ] iOS/OS X ImageIO null pointer dereference : https://www.landaire.net/blog/apple-imageio-denial-of-service/
"iOS/OS X ImageIO 框架在解析 PNG 图片格式时触发空指针解引用拒绝服务 ︰ https://t.co/9QeCSZSG31"
-
[ IoTDevice ] Development of novel dynamic binary analysis techniques for the security analysis of embedded devices : http://www.eurecom.fr/en/publication/4637/download/rs-publi-4637.pdf (pdf)
"一种新的嵌入式设备动态二进制分析技术, Paper ︰ https://t.co/LIeedmyhU2 "
-
[ Mac OS X ] Concise summary of x86_64 syscall calling convention on OS X, by @ schultzdustin. http://dustin.schultz.io/blog/2010/11/15/mac-os-x-64-bit-assembly-system-calls/
"OS X X86_64 syscall 调用约定简明总结: https://t.co/iuWHJRwRuO"
-
[ Malware ] Cryptoworms: The future of ransomware hell http://www.computerworld.com/article/3055488/security/cryptoworms-the-future-of-ransomware-hell.html
"Cryptoworms - 不久以后,就会出现能够自我传播的勒索软件: https://t.co/WmMvR7ZhV8"
-
[ Others ] Concurrent JavaScript — Introduction http://flip.it/x0kSl
"并发 JavaScript 介绍: https://t.co/k7NL6x2cCm"
-
[ ReverseEngineering ] Reversing the petya ransomware with constraint solvers : http://0xec.blogspot.in/2016/04/reversing-petya-ransomware-with.html https://t.co/zoYm3HImsl
"用约束求解器逆向 Petya 勒索软件 ︰ https://t.co/DD06EybFDz https://t.co/zoYm3HImsl"
-
[ Tools ] Cryptocat rewritten from scratch : https://crypto.cat/
"Cryptocat - 开源聊天工具,默认启用加密,保护隐私: https://t.co/YpAR4dGujB"
-
[ Tools ] htcap, crawler that grabs Ajax calls, DOM changes, etc... dumps to sql-lite, calls external scanners (python) http://goo.gl/sPl3Yq
"htcap - Web 应用爬虫,通过劫持 Ajax 调用、监控 DOM 树的变化,递归爬取应用的所有页面: https://t.co/3kRB48LxFs"
-
[ Tools ] SAM registry hive parser (python) http://goo.gl/pUkSs9
"SAM 注册表 Hive 文件解析工具(Python): https://t.co/gkTRgs9LwA"
-
[ Windows ] Downgrading the RDP protocol by example: https://labs.portcullis.co.uk/blog/downgrading-rdp-connections-and-how-to-avoid-it/
"RDP 协议降级攻击以及如何避免 ︰ https://t.co/TFGkEdctYu"
-
[ Windows ] The architecture behind how Linux binaries running natively on Windows 10 works https://blogs.msdn.microsoft.com/wsl/2016/04/22/windows-subsystem-for-linux-overview/
"Windows 10 Linux 子系统的架构 - Linux 二进制文件时在 Windows 10 系统是如何工作的(Pico Process): https://t.co/mRNBZawrZb "
