腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Samsung: Stack buffer overflow in OTP TrustZone trustlet https://bugs.chromium.org/p/project-zero/issues/detail?id=938
"Samsung: Stack buffer overflow in OTP TrustZone trustlet: https://t.co/Oi717EcJXA"
-
[ Attack ] Russian APT 29 group launched cyber attacks against Norwegian authorities http://securityaffairs.co/wordpress/55958/apt/apt-29-group.html
"俄罗斯 APT 29 组织发起针对挪威当局的网络攻击: https://t.co/TObUtVzMgs"
-
[ Attack ] Dark web’s largest host ‘Freedom Hosting II’ hacked by Anonymous https://pirate.london/dark-webs-largest-host-freedom-hosting-ii-hacked-by-anonymous-3539dae56bd0#.y5q1hg24p
"暗网最大的主机 'Freedom Hosting II' 被黑: https://t.co/TNAprLkMpn "
-
[ Exploit ] Publicado el exploit del hackeo a Cellebrite Cellexploits01.tar.gz http://pastebin.com/Z8zutAdD
" Cellebrite Cellexploits01.tar.gz 下载链接: https://t.co/xCeV2fcx18 "
-
[ Linux ] [local] - Debian 9 ntfs-3g - Privilege Escalation https://www.exploit-db.com/exploits/41240/
" ntfs-3g (Debian 9) 本地提权 Exploit(CVE-2017-0358): https://t.co/ihRxtnofam"
-
[ Network ] Free and Open Internet Scanning Detection / Analysis / Metrics tool http://scan.netlab.360.com/#/dashboard
" 360 网络安全实验室的网络扫描在线监控平台: https://t.co/7YcWWBTSp4"
-
[ Others ] NCC Group Blog: Compromising Apache Tomcat via JMX access - https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/february/compromising-apache-tomcat-via-jmx-access/
" 通过 JMX(Java 消息扩展)接口攻破 Apache Tomcat,来自 NCC Group: https://t.co/7LtIt5ZS0c"
-
[ Popular Software ] Adobe: Adobe Acrobat Force-Installed Vulnerable Chrome Extension https://bugs.chromium.org/p/project-zero/issues/detail?id=1088
"Adobe: Adobe Acrobat Force-Installed Vulnerable Chrome Extension: https://t.co/suiTMM5ccm"
-
[ Protocol ] nice overview of various HTTP security headers: http://bit.ly/2kOxiRt - read and deploy, please!
" 关于 HTTP Security Headers,你需要了解的一切: https://blog.appcanary.com/2017/http-security-headers.html "
-
[ Tools ] MemoScope - Dump a .NET process from the memory -- #Reversing https://lnkd.in/e6itexA https://lnkd.in/eQuYYiE
" MemoScope - Dump 一个 .NET 进程的内存到文件: https://t.co/FfTI8lukkB https://t.co/nmOpCSkoQl"
-
[ Windows ] Watch @ pondsploit and @ bhollemb's at @ DerbyCon on Finding a Weak Link: Attacking Windows OEM Kernel Drivers - http://www.irongeek.com/i.php?page=videos/derbycon6/418-finding-a-weak-link-attacking-windows-oem-kernel-drivers-braden-hollembaek-adam-pond
" DerbyCon 2016 会议上的一篇演讲:寻找薄弱的一环 - 攻击 Windows OEM 内核驱动程序: https://t.co/4nD0uEtTk4"
-
Xuanwu Spider via Flanker[ Mobile ] 智能手机相比电脑,谁更安全: http://mp.weixin.qq.com/s?__biz=MzI3ODI4NDM2MA==&mid=2247483680&idx=1&sn=d34636d19e6a90ab6b8e9358eb399b72
-
Xuanwu Spider via Fortinet
[ Android ] Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook: https://blog.fortinet.com/2017/01/24/deep-analysis-of-android-rootnik-malware-using-advanced-anti-debug-and-anti-hook-part-i-debugging-in-the-scope-of-native-layer https://blog.fortinet.com/2017/01/24/deep-analysis-of-android-rootnik-malware-using-advanced-anti-debug-and-anti-hook-part-ii-analysis-of-the-scope-of-java
-
Xuanwu Spider via 新浪微博 文思邪
[ Mitigation ] 关于 CFI 的一篇 Paper 《Control-Flow Integrity: Precision, Security, and Performance》: https://nebelwelt.net/publications/files/17CSUR.pdfhttps://nebelwelt.net/publications/files/17CSUR.pdf
-
Xuanwu Spider via k0shl
[ Browser ] Firefox 50.0.2 释放后重用漏洞分析(CVE-2016-9899): http://whereisk0shl.top/firefox-uaf-cve-2016-9899-fck-rop-gadget.html