 
Tencent Xuanwu Lab Security Daily News
- 
  [ Browser ] Tor Browser launches an Android mobile version: https://threatpost.com/tor-brings-onion-browser-to-android-devices/137325/
- 
  [ Browser ] Zerodium's NoScript bypass for Tor Browser 7.x: https://gist.github.com/x0rz/8198e8e22b1f70fddb9c815c1232b795
- 
  [ Browser ] Address bar spoofing vulnerability in the Apple Safari and Microsoft Edge browsers: https://www.rafaybaloch.com/2018/09/apple-safari-microsoft-edge-browser.html
- 
  [ Browser ] Safari Technology Preview 64 released: https://webkit.org/blog/8411/release-notes-for-safari-technology-preview-65/
- 
  [ Defend ] Protecting software against exploitation with DARPA's CFAR: https://blog.trailofbits.com/2018/09/10/protecting-software-against-exploitation-with-darpas-cfar/
- 
  [ MalwareAnalysis ] The IoT/Linux botnets Mirai and Gafgyt spread using vulnerabilities in Apache Struts, SonicWall, and many others: https://researchcenter.paloaltonetworks.com/2018/09/unit42-multi-exploit-iotlinux-botnets-mirai-gafgyt-target-apache-struts-sonicwall/
- 
  [ MalwareAnalysis ] Analysis of a .NET malware downloader: https://www.cybereason.com/blog/.net-malware-dropper
- 
  [ MalwareAnalysis ] Analysis of the Android banking trojan Anubis, which can intercept SMS messages to bypass two-factor authentication: http://garwarner.blogspot.com/2018/09/android-malware-intercepts-sms-2fa-we.html
- 
  [ MalwareAnalysis ] LuckyMouse signs a malicious NDISProxy driver with a Chinese IT company's certificate: https://securelist.com/luckymouse-ndisproxy-driver/87914/
- 
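  [ Mitigation ] Microsoft formally publishes standard definitions of security boundaries, security features, and mitigations in Windows, and notes whether the related vulnerabilities are eligible for a bounty: https://www.microsoft.com/en-us/msrc/windows-security-servicing-criteria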
- 
  [ Mobile ] How to compromise an Android phone over USB, from the Project Zero blog: https://googleprojectzero.blogspot.com/2018/09/oatmeal-on-universal-cereal-bus.html
- 
  [ Pentest ] Building serverless red team infrastructure with AWS, Part 1: Web Bugs: https://www.mdsec.co.uk/2018/09/serverless-red-team-infrastructure-part-1-web-bugs/
- 
  [ Tools ] malwoverview - a tool for performing initial and quick triage on a directory containing malware samples: https://github.com/alexandreborges/malwoverview
- 
  [ Tools ] CredNinja - a tool for checking whether accounts are usable over the SMB protocol: https://github.com/Raikia/CredNinja
- 
  [ Tools ] salt - a tool for tracing the state of the Linux kernel SLUB allocator: https://github.com/PaoloMonti42/salt
- 
  [ Virtualization ] An open-source hypervisor written in C: https://twitter.com/i/web/status/1039039710595756033
- 
  [ Vulnerability ] Zenmap (Nmap) 7.70 denial-of-service PoC: https://www.exploit-db.com/exploits/45357/
- 
  [ Vulnerability ] How to bypass CSP using Google's CSP Evaluator: https://blog.thomasorlita.cz/vulns/google-csp-evaluator/
- 
  [ Web Security ] What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability. Research on deserialization vulnerabilities in WebLogic, WebSphere, JBoss, Jenkins, and OpenNMS that lead to remote code execution: https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
- 
  [ Windows ] Windows kernel exploit privilege escalation tutorial: http://www.hackingarticles.in/windows-kernel-exploit-privilege-escalation/
- 
  [ macOS ] A sandbox issue on macOS/iOS that can pop the calculator, given user interaction: https://medium.com/0xcc/a-useless-sandbox-issue-on-both-macos-ios-68597e19b309
 
- 
  [ Popular Software ] Analysis of the failed patch for the password manager True Key (CVE-2018-6661): https://blog.exodusintel.com/2018/09/10/truekey-the-not-so-uncommon-story-of-a-failed-patch/
 
- 
  [ Tools ] A deep dive into Honggfuzz internals - Intel PT: https://tunnelshade.in/blog/2018/09/hongfuzz-intel-pt-instrumentation/
 
- 
  [ Tools ] A kernel debugging trick using Intel’s Streaming SIMD Extensions 3 (MONITOR\MWAIT): https://rayanfam.com/topics/using-intels-streaming-simd-extensions-3-monitormwait-as-a-kernel-debugging-trick/
 
