腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ APT ] The APT28 group attacked European and US users with Flash CVE-2017-11292 before patches could be deployed; analysis from Proofpoint: https://www.proofpoint.com/us/threat-insight/post/apt28-racing-exploit-cve-2017-11292-flash-vulnerability-patches-are-deployed
-
[ Attack ] The WordFence team observed that attackers have recently begun scanning WordPress sites for SSH private keys at a rate of 25,000 hosts per day: http://securityaffairs.co/wordpress/64522/breaking-news/ssh-keys-scan.html https://threatpost.com/hackers-take-aim-at-ssh-keys-in-new-attacks/128537/
-
[ Attack ] Proofpoint researchers say attackers from China exploited the just-patched .NET vulnerability (CVE-2017-8759) to attack US organizations: http://securityaffairs.co/wordpress/64499/apt/china-cyber-espionage-group.html
-
[ Browser ] Chromium Internals - Security Principal in Chromium, on Chromium's security principal: http://netsekure.org/2015/11/23/chromium-internals-security-principal-in-chromium/
-
[ Browser ] Microsoft published a blog post yesterday showing that a Chrome V8 vulnerability can be used to bypass some web security policies (such as the same-origin policy) even from inside the sandbox, and claimed that on Edge the CFI mitigation would block this. A researcher responded with a blog post arguing that once you have memory read/write from JS, CFI cannot stop it either: http://robert.ocallahan.org/2017/10/microsofts-chrome-exploitation-and.html
-
[ Browser ] Google launched a new "Advanced Protection" feature to protect users: http://securityaffairs.co/wordpress/64481/security/google-advanced-protection.html
-
[ Browser ] Detecting from a web page whether the browser is running in incognito mode using canMakeRequest; still works in the latest Chrome 62: https://lukaszolejnik.com/stuff/incognito-detection.html
-
[ Compiler ] An Obfuscating Compiler, paper: https://eprint.iacr.org/2017/050
-
[ Conference ] All talk videos from the Hack.lu 2017 conference: https://t.co/X5rDHqEpTh
-
[ Crypto ] What blockchains are: https://t.co/7MMAnnY0Kk
-
[ Exploit ] Check Point's in-depth analysis of the EternalBlue (SMB, MS17-010) exploit kit, "EternalBlue – Everything there is to know": https://research.checkpoint.com/eternalblue-everything-know/
-
[ Hardware ] Video of the Hack.lu 2017 talk "Intel AMT: Using & Abusing the Ghost in the Machine": https://www.youtube.com/watch?v=aiMNbjzYMXo&feature=youtu.be
-
[ iOS ] Bypassing the iOS 11 lock screen to access photos without a passcode (via iMessage from the call screen): https://www.youtube.com/watch?v=UuACukwj1yk
-
[ Linux ] A stack buffer overflow in getaddrinfo() in the Linux kernel's musl component was just fixed: https://t.co/AEPUUGYrom https://twitter.com/thegrugq/status/699784765163999232
-
[ MalwareAnalysis ] Assemblyline - a distributed, automated malware analysis framework: https://bitbucket.org/cse-assemblyline/assemblyline
-
[ ReverseEngineering ] Using the Frida framework to work more efficiently in reverse engineering, from the Hack.lu conference: https://github.com/DigitalInterruption/DigitalInterruption.github.io/blob/master/Prototyping%20and%20reverse%20engineering%20with%20frida_hacklu.pdf https://github.com/DigitalInterruption/FridaWorkshop
-
[ SecurityReport ] Palo Alto's "2017 SDx Infrastructure Security Report": http://go.paloaltonetworks.com/SecurityReport
-
[ Tools ] The x64dbg debugger is replacing Capstone with the lightweight Zydis disassembler framework: https://x64dbg.com/blog/2017/10/18/goodbye-capstone-hello-zydis.html https://github.com/zyantific/zydis
-
[ Virtualization ] Using Row Hammer to attack two virtual machines sharing a host: a hacker, a hammer, and two memory modules: https://thisissecurity.stormshield.com/2017/10/19/attacking-co-hosted-vm-hacker-hammer-two-memory-modules/
-
[ Windows ] Microsoft Game Definition File Editor 6.3.9600 has an XML external entity injection vulnerability: https://t.co/Mk7akjvncQ
-
[ Windows ] UMCI Bypass Using PSWorkFlowUtility (CVE-2017-0215): https://posts.specterops.io/umci-bypass-using-psworkflowutility-cve-2017-0215-71c76c1588f9
-
[ ] According to Bleeping Computer, a Chinese in-browser JS "mining" script, ProjectPoi, is becoming popular: http://www.solidot.org/story?sid=54177 https://www.bleepingcomputer.com/news/security/the-internet-is-rife-with-in-browser-miners-and-its-getting-worse-each-day/
-
[ Browser ] Chrome 62 has been released, fixing 35 security issues and introducing several new features, including: support for OpenType variable fonts, reducing the time needed to load web fonts; all HTTP pages containing input fields will be marked as not secure, and in incognito mode all HTTP pages will be marked as not secure: http://www.solidot.org/story?sid=54176
-
[ Browser ] Talos blog's analysis of the PDFium TIFF decoder off-by-one read/write code execution vulnerability fixed in Chrome 62.0.3202.62 (CVE-2017-5133): http://blog.talosintelligence.com/2017/10/GooglePDFium-Vulnerabilitiy.html
-
[ Bug Bounty ] Google launched a bounty program for the Google Play app store, the Google Play Security Reward Program; reporting vulnerabilities in popular apps earns a $1,000 reward: https://threatpost.com/google-play-bounty-promises-1000-rewards-for-flaws-in-popular-apps/128542/ http://security.googleblog.com/2017/10/introducing-google-play-security-reward.html
-
[ Compiler ] LLVM fixed an unsigned integer overflow bug yesterday: http://llvm.org/viewvc/llvm-project?view=revision&revision=316191
-
[ iOS ] Native LLDB (v3.8) for iOS - an on-device iOS debugger, open-sourced by Proteas of the 360 Nirvan team: https://github.com/Proteas/native-lldb-for-ios
-
[ Malware ] Yesterday we pushed "Attackers use the Magniber Exploit Kit to attack South Korea"; FireEye and Malwarebytes have since published their own analyses: http://www.fireeye.com/blog/threat-research/2017/10/magniber-ransomware-infects-only-the-right-people.html https://blog.malwarebytes.com/threat-analysis/2017/10/magniber-ransomware-exclusively-for-south-koreans/
-
[ Windows ] TruePlay - a set of anti-cheat tools Windows provides for PC game developers: https://msdn.microsoft.com/en-us/library/windows/desktop/mt808781.aspx
-
[ WirelessSecurity ] WEBee: Physical-Layer Cross-Technology Communication via Emulation (physical-layer cross-protocol wireless communication through emulation): https://www.researchgate.net/publication/320221121_WEBee_Physical-Layer_Cross-Technology_Communication_via_Emulation