腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2017/02/08

Vincent Lynch @vtlynch

[ Industry News ] OpenSSL will add TLS 1.3 support on April 5th https://www.thesslstore.com/blog/openssl-tls-1-3-april-5/

"OpenSSL TLS 1.3 将于今年4月5日发布： https://t.co/qqqkBh9bpb"
Nicolas Krassas @Dinosn

[ MalwareAnalysis ] Threat Spotlight: Satan RaaS https://blog.cylance.com/threat-spotlight-satan-raas

"恶意勒索软件 Satan 的分析报告： https://t.co/usJ9TrcjM1"
John Lambert @JohnLaTwC

[ MalwareAnalysis ] Nice post on some Mac Office VBA malware. https://objective-see.com/blog/blog_0x17.html h/t @ _jsoo_

"针对 macOS 的恶意 Office 恶意文档分析： https://t.co/u8glSHvmQ0"
McAfee Labs @McAfee_Labs

[ Others ] Analyzing CVE-2016-9311: NTPD Vulnerability Can Lead to Denial of Service http://intel.ly/2jWRbtP https://t.co/MeKCNk7Ks0

"CVE-2016-9311 NTPD 拒绝服务漏洞分析： https://t.co/8i5bXMxsgO https://t.co/MeKCNk7Ks0"
Nicolas Krassas @Dinosn

[ Tools ] Stitch - a cross platform python RAT https://github.com/nathanlopez/Stitch

"Stitch -- 基于 Python 的远程控制工具： https://t.co/QZMPWNKH5K"
雪碧0xroot @cn0Xroot

[ Tools ] metasploit-enables-iot-hardware-security-testing/ https://cn0xroot.com/2017/02/08/metasploit-enables-iot-hardware-security-testing/ #Pentest #IoT https://t.co/XSE4jXhyUg

"Metasploit 支持IoT安全测试： https://t.co/7UW5nLThdv "
FoxGlove Security @foxglovesec

[ Web Security ] New blogpost by @ jstnkndy on abusing Type Juggling and PHP Object Injection to gain SQLi https://foxglovesecurity.com/2017/02/07/type-juggling-and-php-object-injection-and-sqli-oh-my/

"PHP 测试：弱类型利用+对象注入=SQL注入: https://t.co/1Sb11WvvCU "
Nicolas Krassas @Dinosn

[ Web Security ] Remote Command Execution via Apache Struts OGNL Expression Injection https://techblog.mediaservice.net/2016/10/exploiting-ognl-injection/

"Apache Struts OGNL 表达式注入实现远程命令执行: https://t.co/X4oYi5LZzj"
Hossein Lotfi @hosselot

[ Windows ] Exploring Control Flow Guard in Windows 10: http://sjc1-te-ftp.trendmicro.com/assets/wp/exploring-control-flow-guard-in-windows10.pdf

"探索 Windows 10 CFG︰ https://t.co/fhp2zU3coA"

Xuanwu Spider via 绿盟科技博客

[ Mobile ] 移动APP安全测试要点： http://blog.nsfocus.net/mobile-app-security-security-test/
Xuanwu Spider via seebug

[ Popular Software ] WordPress REST API 内容注入漏洞分析： http://paper.seebug.org/208/
Xuanwu Spider via seebug

[ Android ] 深度分析使用高级反调试和反hook的Android Rootnik Malware，Part II：分析JAVA层： http://paper.seebug.org/209/
Xuanwu Spider via seebug & drops

[ Browser ] 攻击JavaScript引擎：一个JavaScriptCore的学习案例(CVE-2016-4622 (2016-10-27))： http://paper.seebug.org/207/#0-tsina-1-37955-397232819ff9a47a7b7e80a40613cfe1 另一篇相关文章： http://drops.wiki/index.php/2016/12/10/jscpwn/

2017/02/08