腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Linux ] Intel TSX/RTM (Restricted Transactional Memory) 缓存侧信道攻击 Bypass Linux kASLR PoC: https://github.com/vnik5287/kaslr_tsx_bypass
-
[ Others ] 把 Xbox360 的可执行文件移植到 Windows 系统上运行: https://github.com/rexdex/recompiler
-
[ Others ] 有人创建了一个 Tor Hidden Service 钓鱼我的 Hidden Service: http://incoherency.co.uk/blog/stories/hidden-service-phishing.html
-
[ Popular Software ] Microsoft Office 在嵌入远程对象(如:图片)时,客户端打开文档时会尝试下载该对象。下载时发送的 SMB 请求可以泄露用户的隐私信息,包括:主机环境信息、Windows 版本、Office 版本等等: https://blogs.securiteam.com/index.php/archives/3463
-
[ Tools ] NtlmRelayToEWS - 针对 Exchange 邮件服务器 EWS 接口的 NTLM 中继攻击工具: https://github.com/Arno0x/NtlmRelayToEWS
-
-
[ Tools ] Puny Domain Check - 用于检测 Punycode 域名的工具: https://github.com/anilyuk/punydomaincheck
-
[ Vulnerability ] 中兴云桌面 ZTE uSmartView DLL 劫持漏洞: https://blogs.securiteam.com/index.php/archives/3457
-
[ Windows ] 从 Windows 7 开始引入的 Windows API Sets schema DLL 跳转机制是怎么回事儿: https://lucasg.github.io/2017/10/15/Api-set-resolution/
-
[ WirelessSecurity ] WiFi WPA2/802.11 Group Keys 的预测、解密和滥用: https://lirias.kuleuven.be/bitstream/123456789/547640/1/usenix2016-wifi.pdf
-
[ Attack ] 利用 DNS typosquatting(错别字)实现实战性的水坑攻击 : https://blog.0day.rocks/practical-waterholing-through-dns-typosquatting-e252e6a2f99e
-
[ Challenges ] FireEye 2017 Flare-On CTF 比赛的 Writeup: https://www.fireeye.com/blog/threat-research/2017/10/2017-flare-on-challenge-solutions.html
-
[ Industry News ] qwertyoruiopz 贴出了一张 PS4 5.00 Exploit 的图片: https://twitter.com/qwertyoruiopz/status/919627519539675138
-
[ macOS ] Mac OS X 10.12隔离机制绕过漏洞,该漏洞允许攻击者绕过Apple的隔离机制,不受任何限制执行任意JavaScript代码。前段时间推送过这篇公告的英文版( https://blogs.securiteam.com/index.php/archives/3449 ),这次是中文版: https://blogs.securiteam.com/index.php/archives/3481
-
[ MalwareAnalysis ] 腾讯安全反病毒实验室:捕获多起Ramnit僵尸网络家族的DDoS攻击: http://www.freebuf.com/articles/web/150220.html
-
-
[ Popular Software ] Shadowsocks 被发现多个漏洞,可以实现本地命令执行: https://x41-dsec.de/lab/advisories/x41-2017-008-shadowsocks/ https://x41-dsec.de/lab/advisories/x41-2017-010-shadowsocks-libev/
-
-
[ Vulnerability ] UNIX 系统 Web 管理接口软件 Webmin XSS、CSRF、SSRF 漏洞: https://blogs.securiteam.com/index.php/archives/3430
-