Tencent Xuanwu Lab Security Daily News
-
[ Android ] Behind the PWN of a TrustZone: executing code inside the TrustZone of an Android device. From Nick Stephens' talk at GeekPwn Shanghai: https://www.slideshare.net/GeekPwnKeen/nick-stephenshow-does-someone-unlock-your-phone-with-nose
-
[ Conference ] H2HC 2017 Slides/Materials/Presentations: https://github.com/h2hconference/2017
-
[ Industry News ] The LLVM compiler is adding support for Intel's Control-Flow Enforcement Technology (CET) shadow stack: https://reviews.llvm.org/rL318996
-
[ macOS ] Mounting APFS and 4K disk images on macOS 10.13: https://www.mac4n6.com/blog/2017/11/26/mount-all-the-things-mounting-apfs-and-4k-disk-images-on-macos-1013
-
[ Malware ] Newly published exploit code is being used to spread a Mirai variant: https://threatpost.com/newly-published-exploit-code-used-to-spread-marai-variant/128998/
-
[ Others ] Hunting for publicly accessible DigitalOcean Spaces storage buckets (for pentesters): https://blog.appsecco.com/hunting-publicly-accessible-digitalocean-spaces-for-pentesters-9516a4cd3c87
-
[ Popular Software ] What changed in the Sysmon 6.20 update: https://www.darkoperator.com/blog/2017/11/24/operational-look-at-sysinternals-sysmon-620-update
-
[ SecurityReport ] Kaspersky Lab's analysis of the security of IoT devices currently on the market: https://securelist.com/iot-lottery/83300/
-
[ Tools ] RamFuzz - fuzzing C++ code by automatically generating unit-test cases, guided by a deep neural network: https://github.com/dekimir/RamFuzz/blob/master/sci/ramfuzz.md
-
[ Tools ] linux-explorer - a toolkit for live forensics on Linux: https://github.com/intezer/linux-explorer
-
[ Virtualization ] Stack overflow challenges in the Azeria Labs ARM reverse-engineering lab VM: https://azeria-labs.com/part-3-stack-overflow-challenges/
-
[ Vulnerability ] Disclosure of a remote command execution vulnerability in Synology StorageManager smart.cgi: https://blogs.securiteam.com/index.php/archives/3540
-
[ Web Security ] How I hacked 40 websites in 7 minutes: https://hackernoon.com/how-i-hacked-40-websites-in-7-minutes-5b4c28bc8824
-
[ Web Security ] Bypassing SAML 2.0 SSO with XML Signature Attacks: http://research.aurainfosec.io/bypassing-saml20-SSO/
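The XML Signature Wrapping (XSW) class of attack covered in that post, shown as an added example that is not taken from the linked research or from this digest: a standard-library Python script with a constructed SAML Response in which the IdP-signed assertion (subject "alice") sits next to an attacker-injected, unsigned assertion ("admin") placed first. A naive service provider consumes the first Assertion it sees; the hardened consumer binds the assertion it uses to the element the Signature's Reference actually covers. The XML, IDs and the placeholder SignatureValue are all constructed for the example; cryptographic verification of the signature is assumed to be done by a real XML-DSig library and is out of scope here, which only covers the structural binding check that must accompany it.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample (not real IdP output): the attacker keeps the genuine
# signed assertion "_legit" intact so the signature still verifies, and
# prepends an unsigned assertion "_evil" that names a privileged user.
WRAPPED_RESPONSE = f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" xmlns:ds="{DS}" ID="_resp">
  <saml:Assertion ID="_evil">
    <saml:Subject><saml:NameID>admin</saml:NameID></saml:Subject>
  </saml:Assertion>
  <saml:Assertion ID="_legit">
    <ds:Signature>
      <ds:SignedInfo><ds:Reference URI="#_legit"/></ds:SignedInfo>
      <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

# Constructed sample of what the IdP actually sent: one signed assertion.
CLEAN_RESPONSE = f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" xmlns:ds="{DS}" ID="_resp">
  <saml:Assertion ID="_legit">
    <ds:Signature>
      <ds:SignedInfo><ds:Reference URI="#_legit"/></ds:SignedInfo>
      <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


def _name_id(assertion):
    return assertion.find(f"{{{SAML}}}Subject/{{{SAML}}}NameID").text


def naive_subject(xml_text):
    """What a careless SP does: verify *a* signature somewhere in the document,
    then trust the first Assertion it finds. The two steps are not linked."""
    root = ET.fromstring(xml_text)
    return _name_id(root.find(f"{{{SAML}}}Assertion"))


def signed_subject(xml_text):
    """Hardened consumer: the Assertion used for login must be exactly the
    element the enveloped Signature references, and nothing else may exist.
    Assumes the IdP signs the Assertion (not only the Response)."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}

    assertions = root.findall(f".//{{{SAML}}}Assertion")
    if len(assertions) != 1:
        raise ValueError(f"expected exactly one Assertion, found {len(assertions)}")
    assertion = assertions[0]

    sigs = root.findall(f".//{{{DS}}}Signature")
    if len(sigs) != 1:
        raise ValueError(f"expected exactly one Signature, found {len(sigs)}")
    sig = sigs[0]
    if parent[sig] is not assertion:
        raise ValueError("Signature is not enveloped inside the consumed Assertion")

    refs = sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference")
    if len(refs) != 1 or not refs[0].get("URI", "").startswith("#"):
        raise ValueError("expected exactly one same-document Reference")
    ref_id = refs[0].get("URI")[1:]

    # Resolve the ID ourselves instead of trusting the first match: duplicate
    # IDs are a classic wrapping trick, so the match must be unique.
    targets = [e for e in root.iter() if e.get("ID") == ref_id]
    if len(targets) != 1 or targets[0] is not assertion:
        raise ValueError("Reference URI does not resolve uniquely to the consumed Assertion")

    # A real SP now verifies SignatureValue over SignedInfo with the IdP's
    # certificate (e.g. via xmlsec); that cryptographic step is assumed here.
    return _name_id(assertion)


if __name__ == "__main__":
    print("naive SP, wrapped response ->", naive_subject(WRAPPED_RESPONSE))
    try:
        signed_subject(WRAPPED_RESPONSE)
    except ValueError as err:
        print("hardened SP, wrapped response -> rejected:", err)
    print("hardened SP, clean response ->", signed_subject(CLEAN_RESPONSE))
```

The point of the hardened path is that "the signature verified" and "this is the assertion I log the user in with" must refer to the same element, resolved through the Reference URI by the consumer itself; a library that verifies signatures and a separate XPath that picks the assertion leaves exactly the gap that XSW exploits.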
-
[ Windows ] How to configure a Device Guard policy that enforces an executable whitelist on your own Surface laptop: https://posts.specterops.io/adventures-in-extremely-strict-device-guard-policy-configuration-part-1-device-drivers-fd1a281b35a8
-
[ Windows ] Exploiting a vulnerability in the Windows kernel's NtQuerySystemInformation Warbird information class for kernel privilege escalation. The bug was found by mjurczyk of Project Zero; the blog post is by Adam (XPN) of the Secarma team: https://bugs.chromium.org/p/project-zero/issues/detail?id=1391&can=1&q=&sort=-id https://blog.xpnsec.com/windows-warbird-privesc/
-
[ Android ] Directory traversal vulnerability in Android Gmail attachment downloads, from Project Zero: https://bugs.chromium.org/p/project-zero/issues/detail?id=1342
-
[ Crypto ] The SecurityIntelligence team built a password-cracking rig, the Cracken; this blog post describes its hardware configuration: https://securityintelligence.com/the-cracken-in-action-a-password-cracking-adventure/
-
[ Industry News ] Huorong security alert: the homepage of "Win10之家" was injected with malware, and the site exchanges friendly links with several well-known websites: https://mp.weixin.qq.com/s/vJsd3F1nn5HMCByuTCMzFw
-
[ Industry News ] Who was the person who leaked the NSA hacking tools?: https://krebsonsecurity.com/2017/11/who-was-the-nsa-contractor-arrested-for-leaking-the-shadow-brokers-hacking-tools/
-
[ Malware ] Tizi - a backdoor spyware app family recently discovered by Google, targeting countries in Africa. Tizi has rooting capability and is purpose-built to steal sensitive data from the user's social media apps: https://security.googleblog.com/2017/11/tizi-detecting-and-blocking-socially.html
-
[ MalwareAnalysis ] A supply-chain attack "cut short" - analysis of the backdoor code implanted in Defraggler: https://mp.weixin.qq.com/s/RJZylxqQaUX3EYAcBsOznQ
-
[ Network ] The General Office of the CPC Central Committee and the General Office of the State Council recently issued the "Action Plan for Promoting Large-Scale Deployment of Internet Protocol Version 6 (IPv6)". Below is a selection of IPv6-related material we have pushed previously:
  - Chiron - an IPv6 packet-crafting and security-testing framework: https://t.co/vdZo7MgqLo Paper: https://t.co/OichK9UTmv
  - Why IPv6 security is so hard - structural deficits of IPv6 and their implications (Enno Rey, Troopers14): https://www.troopers.de/media/filer_public/42/1a/421a0a30-0a35-486a-b25e-7eea27f18ef7/troopers14-why_ipv6_security_is_so_hard-structural_deficits_of_ipv6_and_their_implications-enno_rey.pdf
  - A series of articles on configuring IPv6 ACL policies on Cisco network devices, Part 3: https://t.co/vR70j3qpSl Part 2: https://t.co/r5mjVeTD52 Part 1: https://t.co/MfSgtq9PRm
  - The security impact of the MLD protocol in IPv6 networks, Paper: https://t.co/zSFjMAh6pj
  - Windows Server IPv6 hardening guide, an ERNW document from 2014: https://t.co/gujjasrbWb
  - ipv6tools - a tool for robustness testing of IPv6-enabled networks: https://t.co/0PlfOaAIJ9
  - IPv6 protocol analysis in Wireshark: https://insinuator.net/2016/03/troopers-16-wireshark-in-ip-version-6/ https://www.troopers.de/media/filer_public/9c/c5/9cc5e4e1-1f2c-4d0b-9f69-87059eb9e931/ernw_tr16_ipv6_secsummit_ipv6-in-wireshark_jcarrell.pdf
  - Some thoughts on the IPv6-only WiFi experience, from the Troopers 2016 conference: https://t.co/I4FmlkVDcp
  - A complete guide to IPv6 attack and defense, a SANS paper from 2012: https://t.co/rCbAL114gv
  - Two further related links: https://github.com/Teino1978-Corp/Teino1978-Corp-APV6 https://gist.github.com/Teino1978-Corp/c7a855d0c0eaa348273b
  - IPv6 security strategy in the enterprise, from the Troopers IPv6 Security Summit: https://t.co/06JfHY4WRc
  - MrLooquer - combines open-source intelligence and data-mining techniques to build a real-time map of IPv6 deployment: https://www.mrlooquer.com/
  - Abnormal IPv6 fragments and how operating systems respond to them: https://t.co/235EsVKr2m
  - Privacy is not an option: attacking IPv6 privacy extensions: https://t.co/65tv8FgPYo
  - Juniper previously fixed an IPv6 DDoS vulnerability in its devices: https://t.co/kOQvN1uur9
-
[ Others ] OpenATS, continued: building your own satellite ground station: http://www.freebuf.com/articles/wireless/153793.html GitHub: https://github.com/OpenATS/OpenATS
-
[ Others ] On the "weisuoliu" (猥琐流, the sneaky-tricks school of hacking), by Superhei: https://zhuanlan.zhihu.com/p/31450257?group_id=918510616457957376
-
[ ReverseEngineering ] Reverse engineering the Furby Connect app: https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect
-
[ SecurityProduct ] Ikarus Anti Virus remote code execution vulnerability: https://blogs.securiteam.com/index.php/archives/3542
-
[ Vulnerability ] Image removal vulnerability in Facebook polling feature: https://blog.darabi.me/2017/11/image-removal-vulnerability-in-facebook.html
-
[ Web Security ] NCC Group's security assessment report on the CakePHP MVC web framework: https://www.nccgroup.trust/us/our-research/cakephp-security-assessment/?research=Public+Reports