Tencent Xuanwu Lab Security Daily News
-
[ Android ] #Unit42 looks into #DualToy: a new Windows #trojan that sideloads risky apps to Android & iOS devices http://bit.ly/2bYzj8Y
"DualToy - a trojan that pushes high-risk apps to Android/iOS devices over a USB connection: https://t.co/NVgzfRoBBL"
-
[ Android ] If you want free Android kernel 0days, just track Qualcomm's QuIC disclosures. They drop a couple every month: https://www.codeaurora.org/multiple-memory-corruption-issues-write-operation-qdsp6v2-voice-service-driver-cve-2016-5343
"Multiple memory corruption issues in write operation in QDSP6v2 Voice Service driver (CVE-2016-5343); if you want Android 0days, just keep following Qualcomm's vulnerability disclosures: https://t.co/WZckma9D3B"
-
[ Attack ] 324,000 Financial Records with CVV Numbers Stolen From A Payment Gateway http://thehackernews.com/2016/09/bluesnap-payment-gateway-hack.html
"324,000 financial records with CVV codes stolen: https://t.co/GX60gbwasO"
-
[ Attack ] New InfoArmor Intelligence Report Available - GovRAT 2.0 Attacking US Military & Government http://tinyurl.com/h9hm9bm https://t.co/7DdewrGpBb
"InfoArmor's intelligence report on the GovRAT 2.0 malware, whose attacks target the US military and government: https://t.co/T36hmyebQV https://t.co/7DdewrGpBb"
-
[ Browser ] [dos] - Microsoft Internet Explorer 11.0.9600.18482 - Use After Free: Microsoft Internet Explorer 11.0.9600.1... http://bit.ly/2cpZ1p1
" Internet Explorer 11.0.9600.18482 UAF PoC: https://t.co/PxfEIsymb6"
-
[ Crypto ] Source code and tutorials for breaking white-box cryptography using differential computation analysis https://github.com/SideChannelMarvels/Deadpool/wiki
"Deadpool - white-box cryptography implementations and the corresponding practical attacks: https://github.com/SideChannelMarvels/Deadpool"
-
[ Firmware ] A tale of an impossible bug: big.LITTLE and caching : http://www.mono-project.com/news/2016/09/12/arm64-icache/
"A bug involving the ARM big.LITTLE architecture and caching: https://t.co/IgqjhcM9D4"
-
[ Firmware ] Blog posted by David Barksdale sponsoring @ dwordj 's research: https://blog.exodusintel.com/2016/09/08/firmware-updates-made-easy/ #ICS #SCADA #ZeroDay #CyberSecurity
"Firmware update vulnerabilities found by the Exodus team in two devices, the Comtrol RocketLinx ES8510-XTE and the Opto 22 OPTEMU-SNR-DR2: https://t.co/c6am7Mnri3"
-
[ Fuzzing ] Fuzzing emulators https://mgba.io/2016/09/13/fuzzing-emulators/
" Fuzzing emulators: https://t.co/CeC7aFdKLZ"
-
[ iOS ] Wow, @ daveaitel credited with a bug fixed in iOS 10. https://support.apple.com/en-us/HT207143
"iOS 10 has officially started rolling out and can be downloaded now; some of the vulnerabilities fixed in iOS 10: https://t.co/ZZnpXBlyht"
-
[ iOS ] .#iOS10 Security Updates Move to #HTTPS: https://threatpost.com/ios-10-security-updates-move-to-https/120545/ via @ threatpost
"iOS 10 security updates will no longer be delivered over HTTP, but over HTTPS: https://t.co/C5GciQyhEj"
-
[ Linux ] Linux Malware: Novelties in the Threat Landscape http://resources.infosecinstitute.com/linux-malware-novelties-threat-landscape/
"A summary of Linux malware over the past two years, from the InfoSec Blog: https://t.co/VV39Gz3qhc"
-
[ Others ] Project Zero Prize: Remotely hack Nexus 5X+6P via Gmail/Messenger w/o user interaction to read third-party app data. http://j.mp/p0prize
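"The Project Zero team plans to award the Project Zero Prize for high-quality vulnerabilities; the criterion is remotely attacking an Android device knowing only the phone number and email address: https://t.co/aHVPFctiWS"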
-
[ Others ] Another amazing app whitelisting bypass from @ subTee http://subt0x10.blogspot.com/2016/09/bypassing-application-whitelisting.html
"Bypassing application whitelisting using MSBuild.exe: https://t.co/RyZGydgHMq"
-
[ Pentest ] Powershell Reverse HTTP Exploit. https://github.com/mauri870/powershell-reverse-http
"An HTTP reverse connection implemented as a PowerShell script: https://t.co/dU2slQ7lBr"
-
[ Pentest ] Tunneling C&C Over DNS: dnscat2 https://n0where.net/tunneling-cc-over-dns-dnscat2/ #InfoSec #CyberSecurity
"A DNS-based C&C channel implementation - dnscat2: https://t.co/eOlZfKufI8"
-
[ Popular Software ] .@ Adobe #Flash update patches 29 vulns, most are RCE. https://threatpost.com/adobe-back-with-new-flash-player-security-update/120540/ via @ threatpost
"Adobe Flash releases a patch update; this update fixes 29 vulnerabilities: https://t.co/1JgUloq4vZ"
-
[ Tools ] Vulnerability scanner (Vuls v0.1.6 Released) - Scan speed 20x Faster on Ubuntu : https://github.com/future-architect/vuls/releases/tag/v0.1.6
"A vulnerability scanner developed by the Future-Architect team: https://t.co/E9ZdIBtYQd Written in Go: https://github.com/future-architect/vuls"
-
[ Windows ] .@ microsoft #PatchTuesday updates address 10 RCE vulns + old bug in #Office hooking engine https://threatpost.com/microsoft-patches-47-vulnerabilities-with-september-patch-tuesday/120544/ via @ threatpost
"Microsoft releases its September patch bulletin, fixing 47 vulnerabilities in total across 14 patch updates, 7 of which are rated Critical: https://t.co/6QbZ8EG5GV https://technet.microsoft.com/en-us/library/security/ms16-sep.aspx"
-
[ Windows ] Microsoft Office Excel EOF Record Type Confusion Remote Code Execution Vulnerability http://srcincite.io/advisories/src-2016-38/ CVE-2016-3363 / MS16-107
"Microsoft Office Excel EOF Record type confusion RCE (MS16-107/CVE-2016-3363) https://t.co/lf2jnYIXRD"
Xuanwu Spider via SecWiKi
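Preface: This is the first article in the original series "Mobile App Client Security Notes". It mainly covers building an enterprise platform for automated mobile app vulnerability detection, the history and cutting-edge techniques of mobile app vulnerability detection, app vulnerability detection tools and platforms, and some of the author's own thoughts. I hope it helps those interested in automated mobile app vulnerability detection. Given the limits of my technical ability and the length of the article, some topics are not analyzed in detail one by one for now; I will try to learn and share more later, and comments and discussion are welcome.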