Tencent Xuanwu Lab Security Daily News
-
[ Conference ] Pacsec 2017 has released introductions to its 11 accepted talks: https://pacsec.jp/speakers.html
-
[ Firmware ] Detecting BadBIOS, Evil Maids, Bootkits and firmware-level malware, from Paul English of the PreOS Security team: https://ia601507.us.archive.org/2/items/seagl-2017/seagl-2017.pdf
-
[ Industry News ] BLU phone firmware infected, with a large number of users affected: https://threatpost.com/down-the-rabbit-hole-with-a-blu-phone-infection/128390/
-
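[ Industry News ] Equifax, the well-known US credit reporting agency, says its website was not attacked on Thursday afternoon; code from a third-party partner on the site embedded an advertisement, which caused the redirect: https://threatpost.com/equifax-takes-down-compromised-page-redirecting-to-adware-download/128406/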
-
[ Mobile ] Uninstalling software preinstalled by OEM vendors using the ADB debugger (no root required): https://www.xda-developers.com/uninstall-carrier-oem-bloatware-without-root-access/
-
[ Others ] Azure Security Center's detailed analysis of a malicious PowerShell attack: https://azure.microsoft.com/en-us/blog/how-azure-security-center-unveils-suspicious-powershell-attack/
-
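[ Others ] Research into the protection mechanism of Intel Boot Guard, a protection feature newly introduced with Intel's 4th-generation Haswell CPUs, and into the security of the feature itself. Intel Boot Guard is used to ensure the security of the BIOS boot process. From researcher Alex Matrosov, who also gave a related talk at BlackHat this summer, "Betraying the BIOS: Where the Guardians of the BIOS are Failing": https://github.com/corna/me_cleaner/wiki/Intel-Boot-Guard https://medium.com/@matrosov/bypass-intel-boot-guard-cc05edfca3a9 https://github.com/REhints/BlackHat_2017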
-
[ Pentest ] A penetration tester's guide to subdomain enumeration: https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6
-
[ Tools ] Autorize - a BurpSuite plugin for automated authentication testing: https://github.com/Quitten/Autorize
-
[ Tools ] PythonClassInformer - an IDA Pro plugin open-sourced by NCC Group for analyzing and visualizing C++ run-time type information: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/
-
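[ Vulnerability ] SensePost previously open-sourced Ruler, a penetration tool that abuses Exchange services; Microsoft recently patched the attack vector Ruler used, treating it as a vulnerability. So SensePost found another attack surface: https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/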
-
[ Conference ] All talk materials and videos from the CppCon 2017 conference: https://github.com/CppCon/CppCon2017 https://www.youtube.com/user/CppCon
-
[ Debug ] A slide series for learning the Windows debuggers WinDBG and KD: http://1drv.ms/1q2aPk6 https://www.youtube.com/watch?v=8zBpqc3HkSE&list=PLhx7-txsG6t6n_E2LgDGqgvJtCHPL7UFu https://www.youtube.com/user/TheSourceLens
-
[ Fuzzing ] "Fuzz or lose: why and how to make fuzzing a standard practice for C++", a talk on fuzzing from the CppCon 2017 conference: https://github.com/CppCon/CppCon2017/blob/master/Demos/Fuzz%20Or%20Lose/Fuzz%20Or%20Lose%20-%20Kostya%20Serebryany%20-%20CppCon%202017.pdf https://www.youtube.com/watch?v=k-Cv8Q3zWNQ
-
[ MalwareAnalysis ] Dissecting how Facebook malware spreads through a Chrome extension: https://mp.weixin.qq.com/s/zjTi3FjvzArvF86bgmumJA
-
[ MalwareAnalysis ] Analyzing the second-stage code of the tampered portion of the CCleaner backdoor with IDA Pro, from Talos: http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
-
[ MalwareAnalysis ] Locky Part 1: Lukitus Spam Campaigns and Their Love for Game of Thrones: https://www.trustwave.com/Resources/SpiderLabs-Blog/Locky-Part-1--Lukitus-Spam-Campaigns-and-Their-Love-for-Game-of-Thrones/ Locky Part 2: As the Seasons Change so is Locky: https://www.trustwave.com/Resources/SpiderLabs-Blog/Locky-Part-2--As-the-Seasons-Change-so-is-Locky/
-
[ Tools ] DependencyCheck - an open-source OWASP tool for finding publicly disclosed vulnerabilities in a project's dependencies: https://github.com/jeremylong/DependencyCheck
-
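[ Vulnerability ] An Excel implementation of the DDE technique used in the item pushed the day before yesterday, [No macro code needed: command execution in MS Word via the DDE (Dynamic Data Exchange) protocol, popping the calculator]: https://twitter.com/ryHanson/status/918598525792935936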