腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News) - 2018/06/16

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ MalwareAnalysis ] Necurs botnet Malspam 使用 .IQY 文件分销 AMMYY RAT 恶意软件: https://www.malware-traffic-analysis.net/2018/06/13/index.htmlAMMYY RAT Downloader 分析： https://secrary.com/ReversingMalware/AMMY_RAT_Downloader/
[ Mobile ] Samsung Web Viewer for Samsung DVR 反射型 XSS 漏洞披露(CVE-2018-11689)： http://seclists.org/fulldisclosure/2018/Jun/40?utm_source=feedburner&;utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29
[ Programming ] 编写 TCP/IP 协议栈 Part 3：TCP 基础和握手： http://www.saminiir.com/lets-code-tcp-ip-stack-3-tcp-handshake/Part 2： http://www.saminiir.com/lets-code-tcp-ip-stack-2-ipv4-icmpv4/Part 1： http://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp/
[ Tools ] wpCrack - wordpress hash 破解脚本： https://github.com/MrSqar-Ye/wpCrack
[ Tools ] oxml_xxe - 将 XXE/XML 漏洞利用嵌入到不同文件类型的工具： https://github.com/BuffaloWill/oxml_xxe
[ Tools ] house - 基于 Frida 实现的运行时移动应用程序分析工具包: https://outflux.net/blog/archives/2018/06/14/security-things-in-linux-v4-17
[ Tools ] 使用 Sysmon 配置强大的客户端检测环境 Part 3 - 篡改 Sysmon 配置： https://medium.com/@olafhartong/endpoint-detection-superpowers-on-the-cheap-part-3-sysmon-tampering-49c2dc9bf6d9
[ Tools ] awesome vehicle security ： https://github.com/jaredthecoder/awesome-vehicle-security
[ Windows ] Microsoft COM for Windows 远程代码执行漏洞(CVE-2018-0824)分析及 PoC： https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html