腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Hunting Libyan Scorpions - Investigating a Libyan Cyber Espionage Campaign Targeting High-Profile Influentials! https://t.co/XynhCANHjs
" 猎捕利比亚的蝎子 - 针对利比亚高级间谍攻击行动的调查报告,来自 CyberKOV: https://t.co/XynhCANHjs"
-
[ Conference ] REcon 2016 Presentation Videos https://recon.cx/2016/recordings/
" RECon 2016 会议的演讲视频下载: https://t.co/XnY7AiiBDT"
-
[ Crypto ] An overview of TLS 1.3 and Q&A http://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/
" An overview of TLS 1.3 and Q&A,来自 CloudFlare: https://t.co/EomSeTwbuo"
-
[ iOS ] Researchers Find ‘Severe’ Password Security Hole with iOS 10 Backups https://threatpost.com/researchers-find-severe-password-security-hole-with-ios-10-backups/120834/
" 研究员在 iOS 10 备份机制中发现了一个严重的密码爆破漏洞: https://t.co/FggtN5xx8N "
-
[ Linux ] ripgrep is faster than {grep, ag, git grep, ucg, pt, sift} : http://blog.burntsushi.net/ripgrep/
"ripgrep - Linux 文件搜索工具,比 grep 等工具速度快: https://t.co/rNCgv5WpHg"
-
[ Malware ] Hancitor (AKA Chanitor) observed using multiple attack approaches http://www.fireeye.com/blog/threat-research/2016/09/hancitor_aka_chanit.html
"Hancitor (AKA Chanitor) 采用 3 种新方法投递恶意软件: https://t.co/IqA0RGYjtc"
-
[ Others ] Exploiting masks in Hashcat for fun and profit : https://www.unix-ninja.com/p/Exploiting_masks_in_Hashcat_for_fun_and_profit
" Exploiting masks in Hashcat for fun and profit︰ https://t.co/nhkCTcLdDj"
-
[ Others ] UEFI Driver Development (Part 1) : http://blog.eciton.net/uefi/uefi-driver-part1.html
"UEFI 驱动程序开发 (Part 1): https://t.co/ooMDuu6uk7"
-
[ Others ] Public repository for improvements to the EXTRABACON exploit https://github.com/RiskSense-Ops/CVE-2016-6366
" 思科 ASA EXTRABACON Exploit 的优化版本: https://t.co/ZjtgdspV2s "
-
[ Popular Software ] Just posted two advisories for priv esc in Magnicomp SysInfo. https://labs.mwrinfosecurity.com/advisories/magnicomps-sysinfo-root-setuid-local-privilege-escalation-vulnerability/ https://labs.mwrinfosecurity.com/advisories/multiple-vulnerabilities-in-magnicomps-sysinfo-root-setuid/ @ bouuntyyy @ fang0654
" MWR Labs 研究员在 Magnicomp SysInfo 管理工具中发现的两个提权漏洞: https://t.co/p9L9dCs7Mb https://t.co/5UC0VI5wig "
-
[ ReverseEngineering ] Reversing GO binaries like a pro (in IDA Pro) http://rednaga.io/2016/09/21/reversing_go_binaries_like_a_pro/ w/ code release https://github.com/strazzere/golang_loader_assist/
" 在 IDA 中逆向 Go 二进制程序: https://t.co/f17RtlJCIH GitHub Repo: https://t.co/UCW5H1HYdi"
-
[ Tools ] Hex-Rays Plug-In Contest 2016 results: https://www.hex-rays.com/contests/2016/index.shtml
" 2016 年 IDA 插件比赛的结果︰ https://t.co/2kGGHmsm91"
-
[ Windows ] Fun bug in the Per-App registry hives, and an exploit abusing weird Type Library loading behavior, one for @ subTee. https://bugs.chromium.org/p/project-zero/issues/detail?id=865
" Windows NtLoadKeyEx 系统调用 Registry Hives 加载提权漏洞,来自 Project Zero Issue 865: https://t.co/EV1d4uI0p1"
-
[ Windows ] New blogspam up for today. "Using Netshell to execute evil DLLs and persist on a host" http://www.adaptforward.com/2016/09/using-netshell-to-execute-evil-dlls-and-persist-on-a-host/ #DFIR #ThreatHunting
" 利用 NetShell 执行恶意的 DLL: https://t.co/KwhzJR6ZPH "
-
[ WirelessSecurity ] Android platform WIFI Pentest tool zANTI v2.5 Release http://www.freebuf.com/sectool/115051.html #WIFI #Hacking https://t.co/K40p6e259n
"Android WiFi 渗透测试客户端 zANTI 2.5 版本下载: https://t.co/BCRURAWxUZ "
-
[ WirelessSecurity ] GNU Radio tutorials Part1 http://www.white-alone.com/GNURadio%E6%95%99%E7%A8%8B_1/ Part3 http://www.white-alone.com/GNURadio%E6%95%99%E7%A8%8B_3/ #SDR
"GNU Radio 教程 Part 1: https://t.co/MjMvDRP90r Part 3: https://t.co/lnAn5j2p4r "
