Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android 9 Pie release announced: https://blog.google/products/android-enterprise/android-9-pie-enterprise/amp/
-
[ Challenges ] CS:GO remote code execution 0-day - Real World CTF Qualifiers 2018 writeup: https://blog.perfect.blue/P90_Rush_B
-
[ Cloud ] Using Shielded VMs to harden GCP workloads: https://cloud.google.com/blog/products/gcp/security-in-plaintext-use-shielded-vms-to-harden-your-gcp-workloads
-
[ Cloud ] Analysis of a VM root privilege escalation vulnerability in the OpenNebula 4.6.1 cloud platform: https://web-in-security.blogspot.com/2018/08/save-your-cloud-gain-root-access-to-vms.html
-
[ Conference ] Pwnie Awards nominations announced: https://pwnies.com/nominations/
-
[ Firmware ] A stack overflow vulnerability in the Insteon Hub 2245-222 firmware (CVE-2017-16252): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16252
-
[ Industry News ] TSMC production lines halted for two days by a WannaCry infection, affecting the phone supply chain: https://threatpost.com/top-iphone-supplier-battles-wannacry-infection/134722/
-
[ Industry News ] The maker of Fortnite says the Android version of the game can only be downloaded from the company's website and will no longer be listed on the Google Play store: https://threatpost.com/fortnite-skips-google-play-for-android-apps-irking-security-experts/134732/
-
[ MachineLearning ] Deep-learning-based dynamic detection of false data injection attacks in smart grids (Paper): https://arxiv.org/pdf/1808.01094.pdf
-
[ macOS ] Precisely analyzing user and application usage with the knowledgeC.db database on macOS/iOS: https://www.mac4n6.com/blog/2018/8/5/knowledge-is-power-using-the-knowledgecdb-database-on-macos-and-ios-to-determine-precise-user-and-application-usage
-
[ OpenSourceProject ] Fizz, a high-performance open-source TLS library with TLS 1.3 support, released: https://code.fb.com/networking-traffic/deploying-tls-1-3-at-scale-with-fizz-a-performant-open-source-tls-library/6
-
[ Others ] Copying files via PowerShell and WMI: https://www.fortynorthsecurity.com/copying-files-via-wmi-and-powershell/
-
[ Processor ] The PowerPC 600 series, Part 1: https://blogs.msdn.microsoft.com/oldnewthing/20180806-00/?p=99425
-
[ SecurityReport ] Kaspersky publishes its IT threat evolution report for Q2 2018: https://securelist.com/it-threat-evolution-q2-2018/87172/
IT threat evolution statistics for Q2 2018: https://securelist.com/it-threat-evolution-q2-2018-statistics/87170/
-
[ Tools ] repo-security-scanner - a tool for finding sensitive information leaked in Git repositories: https://github.com/UKHomeOffice/repo-security-scanner
-
[ Tools ] Bashark - a post-exploitation toolkit written in pure Bash: https://github.com/TheSecondSun/Bashark
-
[ Tools ] r0ak - a command-line tool that achieves arbitrary read/write and code execution in Windows kernel mode with only administrator privileges: https://github.com/ionescu007/r0ak
-
[ Tools ] fluxion - a wireless network phishing attack tool: https://github.com/FluxionNetwork/fluxion
-
[ Tools ] Win-PortFwd - a netsh-based Windows port forwarding script: https://github.com/deepzec/Win-PortFwd
-
[ Tools ] pytest-idapro - a pytest module for the Interactive Disassembler and IDAPython: https://github.com/nirizr/pytest-idapro
-
[ Tools ] Creating a RAM disk through meterpreter: https://diablohorn.com/2018/08/06/creating-a-ram-disk-through-meterpreter/
-
[ Tools ] MpEnum - enumerates the threat families in Windows Defender and dumps their names by category: https://github.com/hfiref0x/MpEnum
-
[ Web Security ] XSS in an admin panel obtained through Self XSS and reflected XSS: https://medium.com/@friendly_/self-xss-leads-to-blind-xss-and-reflected-xss-950b1dc24647
-
[ Windows ] A deep dive into VBS and VSM, from Saar Amar's talk at BlueHat IL: https://github.com/saaramar/Publications/blob/master/BluehatIL_VBS_meetup/VBS_Internals.pdf
-
[ Popular Software ] VLC is built with mingw-w64, which by default does not create a relocation table for the programs it compiles, so the system cannot enable ASLR for such programs: https://insights.sei.cmu.edu/cert/2018/08/when-aslr-is-not-really-aslr---the-case-of-incorrect-assumptions-and-bad-defaults.html