腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] 过期坏链接导致的劫持攻击分析: https://edoverflow.com/2017/broken-link-hijacking/
-
[ Malware ] 新型勒索软件 Magniber 将目标瞄准韩国、亚太地区: https://threatpost.com/new-magniber-ransomware-targets-south-korea-asia-pacific/128567/
-
[ Others ] 使用 Mimikatz 和 Powersploit 提取 Windows 禁止导出的证书并逃避杀软查杀: https://insinuator.net/2017/10/extract-non-exportable-certificates-and-evade-anti-virus-with-mimikatz-and-powersploit/
-
[ Others ] DotNetInteropDemos - James Forshaw 开源的用于与 DotNetInterop 交互的 Demo 代码: https://github.com/tyranid/DotNetInteropDemos
-
[ Vulnerability ] TP-Link WR940N 路由器 CVE-2017-13772 远程代码执行漏洞的分析和利用,来自 Fidus 团队: https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/
-
[ Vulnerability ] CVE-2017-15670, CVE-2017-15671 glibc 的 glob 函数存在堆溢出与内存泄漏漏洞: http://seclists.org/oss-sec/2017/q4/119