Tencent Xuanwu Lab Security Daily News
-
[ Android ] Using Google's SafetyNet Attestation API to implement Android application integrity checks (Application Integrity Security Control): https://census-labs.com/news/2017/11/17/examining-the-value-of-safetynet-attestation-as-an-application-integrity-security-control/
-
[ Browser ] Chrome 63 will support the new Dynamic import() feature: https://twitter.com/i/web/status/932914724060254208 https://developers.google.com/web/updates/2017/11/dynamic-import
-
[ Industry News ] Intel patches CPU vulnerabilities affecting millions of PCs and servers: https://threatpost.com/intel-patches-cpu-bugs-impacting-millions-of-pcs-servers/128962/
-
[ Industry News ] Uber reportedly paid hackers $100,000 in 'hush money' to conceal the breach of data on 57 million users: https://motherboard.vice.com/en_us/article/ne3pqm/uber-data-breach-57-million-customers
-
[ MalwareAnalysis ] Analysis of the new LINUX/AES.DDOS IoT malware, Part 1: https://lloydlabs.github.io/post/aes-ddos-analysis-part-1/
-
[ MalwareAnalysis ] Analysis of the KaiXin Exploit Kit: http://www.nao-sec.org/2017/11/analyzing-kaixin-exploit-kit.html
-
[ MalwareAnalysis ] Reverse engineering the Trickbot trojan's Socks5 backconnect backdoor module: http://www.vkremez.com/2017/11/lets-learn-trickbot-socks5-backconnect.html
-
[ Others ] Multiple Windows kernel stack and pool memory disclosures into NTFS file system metadata (CVE-2017-11880): https://bugs.chromium.org/p/project-zero/issues/detail?id=1325
-
[ Popular Software ] Dissecting the attack surface of the third-party chat tool Chats Chats Chats: https://speakerdeck.com/shikarisenpai/chat-with-a-hacker
-
[ SecurityReport ] Application Container Security Guide published by NIST: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-190.pdf
-
[ Tools ] Java-Deserialization-Cheat-Sheet - a cheat sheet for exploiting Java deserialization vulnerabilities: https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
-
[ Tools ] GitMiner - a tool for extracting sensitive information from Github repositories: https://github.com/UnkL4b/GitMiner
-
[ Tools ] DNS-Shell - an interactive shell implemented over the DNS protocol: https://github.com/sensepost/DNS-Shell
-
[ Tools ] RepoSsessed - a project that parses public source code repositories and looks for various types of vulnerabilities: https://github.com/IOActive/RepoSsessed
-
[ Web Security ] OWASP has released its 2017 "Ten Most Critical Web Security Threats": https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
-
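[ Windows ] Yesterday CERT/CC published a note saying that when system-wide ASLR is enabled on Windows, application-level ASLR is affected and does not work properly. Microsoft has responded: "There is no problem; the configuration issue CERT/CC describes only affects some EXEs that have not enabled ASLR": https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/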
-
[ Windows ] Windows kernel stack memory disclosure vulnerability in win32k!xxxSendMenuSelect (CVE-2017-11853): https://bugs.chromium.org/p/project-zero/issues/detail?id=1362
-
[ Browser ] New in Firefox 58: Developer Edition: https://hacks.mozilla.org/2017/11/new-in-firefox-58-developer-edition/
-
[ Fuzzing ] The Art of Fuzzing – slides and demos: https://sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/index.html
-
[ Industry News ] Google still collects Android users' information even when location services are disabled: https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/
-
[ Industry News ] According to the author's statistics, 77% of 433,000 sites use JavaScript libraries with known security vulnerabilities: https://snyk.io/blog/77-percent-of-sites-still-vulnerable/
-
[ Industry News ] Newly Discovered Attack Technique Forges Authentication to Cloud Apps: https://www.cyberark.com/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-cloud-apps/
-
[ Linux ] Replacing x86 firmware with Linux and Go: https://lwn.net/SubscriberLink/738649/81007748bf15c1e5/
-
[ Rootkit ] Ring3 / Ring0 Rootkit Hook Detection 1/2: http://www.pentestingexperts.com/ring3-ring0-rootkit-hook-detection-1-2/
-
[ Virtualization ] Heap buffer overflow vulnerability in VMware Workstation NAT IP fragment reassembly (CVE-2017-4934): http://www.zerodayinitiative.com/advisories/ZDI-17-921/