腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] V8 团队 Blog 对性能优化分析组件 CodeStubAssembler 的介绍: https://v8project.blogspot.com/2017/11/csa.html
-
[ Industry News ] GitHub 社区对已经启用依赖图谱(Dependency Graph)功能的用户会推送已知漏洞预警: https://github.com/blog/2470-introducing-security-alerts-on-github
-
[ Linux ] Linux Kernel 3.11 < 4.8 0 SO_SNDBUFFORCE SO_RCVBUFFORCE 本地提权漏洞利用 (CVE-2016-9793): https://cxsecurity.com/issue/WLB-2017050084
-
[ macOS ] macOS 操作系统桌面搜索引擎 Spotlight 因为接受内核的文件系统通知事件而暴露的攻击面分析: https://blog.doyensec.com/2017/11/15/osx-spotlight.html
-
[ Others ] PHP 从本地文件包含漏洞到远程代码执行漏洞的利用方式介绍: https://rawsec.ml/en/local-file-inclusion-remote-code-execution-vulnerability/
-
[ Tools ] SpookFlare - Meterpreter 加载器生成工具,可绕过客户端和网络端的防御: https://github.com/hlldz/SpookFlare
-
[ Web Security ] 国外媒体 Freedom to Tinker 报道,某些网站使用的第三方脚本竟然包含[会话重放]功能,这些脚本可以收集用户的个人隐私数据,包括击键信息、鼠标移动数据: https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/
-
[ WirelessSecurity ] 研究员 ScottyBauer 在其 GitHub Repo Android_Kernel_CVE_POCs 中新添加了几个远程 WiFi 漏洞的 PoC: https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/tree/master/wifi
-
-
[ Browser ] CVE-2016-7202:Overflow in Array.reverse: https://mp.weixin.qq.com/s/lHWzYgIzB0p0biUYwuqWEg
-
-
[ Industry News ] . IBM、PCH、GCA 联合发布 Quad9 带隐私和安全防护黑名单的免费 DNS 服务(9.9.9.9 ): https://www.globalcyberalliance.org/ibm-packet-clearing-house-global-cyber-alliance-collaborate-protect-businesses-consumers-internet-threats.html
-
[ Industry News ] Mozilla 向 CA 组织发送了一封关于 Mozilla Root Store Policy 的交流请愿: https://blog.mozilla.org/security/2017/11/16/november-2017-ca-communication/
-
[ Industry News ] 快消时尚品牌 FOREVER 21 顾客支付卡信息恐遭泄漏: https://www.prnewswire.com/news-releases/notice-of-payment-card-security-incident-300555878.html
-
[ Industry News ] Why I walked away from $30,000 of DJI bounty money : http://www.digitalmunition.com/WhyIWalkedFrom3k.pdf
-
-
-
-
[ MalwareAnalysis ] Android Malware Detection using Markov Chain Model of Application Behaviors in Requesting System Services: https://arxiv.org/pdf/1711.05731.pdf
-
-
[ Pentest ] 在横向渗透中利用 Outlook CreateObject 及 DotNetToJScript: https://posts.specterops.io/lateral-movement-using-outlooks-createobject-method-and-dotnettojscript-a88a81df27eb
-
[ Popular Software ] CouchDB漏洞(CVE–2017–12635, CVE–2017–12636)分析: http://bobao.360.cn/learning/detail/4716.html
-
-
-
[ SecurityReport ] 2017 State of Open Source Security Report: https://snyk.io/blog/launching-state-of-oss-security/
-
-
[ Tools ] 禁止当前 Powershell Session 中的 ETW 事件追踪模块: https://gist.github.com/tandasat/e595c77c52e13aaee60e1e8b65d2ba32
-
-
[ Vulnerability ] MalwareBenchmark又爆0-day涉及yaml语言:CVE-2017-16615: https://mp.weixin.qq.com/s/ecEB-SCowg8dINrpwt7X9w
-
[ Vulnerability ] Sitefinity CMS version 10.1 中发现多个漏洞: https://www.sec-consult.com/en/blog/advisories/broken-access-control-linq-injection-in-progress-sitefinity/index.html
-
[ Windows ] Pwn2Own 2017 Windows 内核漏洞 PoC: https://github.com/progmboy/kernel_vul_poc/tree/master/windows/cursor_poc
-