Tencent Xuanwu Lab Security Daily News
-
[ Malware ] The Ursnif banking trojan targets Japan again: https://threatpost.com/ursnif-banking-trojan-spreading-in-japan/128643/
-
[ MalwareAnalysis ] EternalRomance is present in the Bad Rabbit ransomware: https://threatpost.com/eternalromance-exploit-found-in-bad-rabbit-ransomware/128645/
-
[ MalwareAnalysis ] After tracking and analyzing Bad Rabbit, RiskIQ found that the group behind it had been operating covertly for a long time: https://www.riskiq.com/blog/labs/badrabbit/
-
[ MalwareAnalysis ] FireEye found that BACKSWING is helping to distribute the BadRabbit ransomware: https://www.fireeye.com/blog/threat-research/2017/10/backswing-pulling-a-badrabbit-out-of-a-hat.html
-
[ Popular Software ] McAfee's analysis of an exploit for the Microsoft Office memory corruption vulnerability (CVE-2017-11826): https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability/ ; Kaspersky Lab also analyzed an exploit for CVE-2017-11826: https://securelist.com/analyzing-an-exploit-for-%D1%81ve-2017-11826/82869/
-
[ Tools ] Awesome-Hacking-Resources : https://github.com/vitalysim/Awesome-Hacking-Resources
-
[ Vulnerability ] Two critical vulnerabilities were found in the SATCOM systems of satellite communications company InmarsatGlobal: https://threatpost.com/two-critical-vulnerabilities-found-in-inmarsats-satcom-systems/128632/
-
[ Windows ] Techniques for evading startup-entry detection by Microsoft Autoruns: https://blog.conscioushacker.io/index.php/2017/10/25/evading-microsofts-autoruns/
-
[ Browser ] Chrome released version 62.0.3202.75, which fixes a high-severity vulnerability in v8: https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html
-
[ Fuzzing ] A_Whole_New_Efficient_Fuzzing_Strategy_for_Stagefright_Porting_and_Optimisations, from ele7enxxh: https://github.com/ele7enxxh/slides/blob/master/A_Whole_New_Efficient_Fuzzing_Strategy_for_Stagefright_Porting_and_Optimisations-ruxcon2017.pdf
-
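[ Industry News ] Some time ago the NSA suspected Kaspersky of cooperating with the Russian government to steal classified information. Yesterday Kaspersky clarified: an NSA employee installed a backdoored Microsoft Office crack tool (key-gen), the key-gen would steal the NSA's arsenal (exploits), and Kaspersky merely detected the key-gen through its cloud scanning feature and uploaded it as a virus: https://www.theregister.co.uk/2017/10/25/kaspersky_nsa_keygen_backdoor_office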
-
[ MalwareAnalysis ] In-depth analysis of a BadRabbit ransomware worm sample, from Topsec Alpha Lab: http://blog.topsec.com.cn/ad_lab/badrabbit%E5%8B%92%E7%B4%A2%E8%A0%95%E8%99%AB%E6%A0%B7%E6%9C%AC%E6%B7%B1%E5%85%A5%E5%88%86%E6%9E%90/
-
[ Popular Software ] SecureLayer7's penetration test report on KeystoneJS: https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf
-
[ Vulnerability ] The Cisco Talos team disclosed multiple code execution vulnerabilities in Apache OpenOffice (CVE-2017-9806, CVE-2017-12607, CVE-2017-12608): http://blog.talosintelligence.com/2017/10/vulnerability-spotlight-apache.html
-
[ Vulnerability ] Out-of-bounds read vulnerability in libcurl's IMAP FETCH response parsing (CVE-2017-1000257): http://www.geeknik.net/7k9et2d9e
-
[ Web Security ] Stealing Amazon EC2 keys via an XSS vulnerability: https://ionize.com.au/stealing-amazon-ec2-keys-via-xss-vulnerability/