腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] ''Where Android’s latest security enhancements help,and where they fail'',介绍了 Android 最新安全功能所提供的帮助与问题 : https://blog.zimperium.com/wp-content/uploads/2018/08/BSidesLV-Talk-Treble-or-Trouble.pdf
-
[ Attack ] 在 Metasploit 框架中嵌入逃避防病毒软件(AV)的技术,来自 rapid7 : https://www.rapid7.com/globalassets/_pdfs/whitepaperguide/rapid7-whitepaper-metasploit-framework-encapsulating-av-techniques.pdf
-
[ Browser ] Firefox 信息泄露漏洞详情披露(CVE-2018-12387): https://blogs.securiteam.com/index.php/archives/3766
-
[ Browser ] Chakra JIT 类型混淆漏洞(CVE-2018-8467): https://bugs.chromium.org/p/project-zero/issues/detail?id=1613
-
[ Browser ] Chakra JIT BailOutOnInvalidatedArrayHeadSegment 检查绕过漏洞(CVE-2018-8466): https://bugs.chromium.org/p/project-zero/issues/detail?id=1612
-
[ Conference ] Derbycon 2018 大会 Videos : https://www.irongeek.com/i.php?page=videos/derbycon8/mainlist
-
[ MalwareAnalysis ] 网络钓鱼活动使用盗用电子邮件账户回复正常邮件来传播 URSNIF 恶意软件: https://blog.trendmicro.com/trendlabs-security-intelligence/phishing-campaign-uses-hijacked-emails-to-deliver-ursnif-by-replying-to-ongoing-threads/
-
[ Others ] 详细介绍传统 JavaScript 基准测试: http://benediktmeurer.de/2016/12/16/the-truth-about-traditional-javascript-benchmarks/
-
[ Popular Software ] WhatsApp:RTP 处理中的堆破坏漏洞披露: https://bugs.chromium.org/p/project-zero/issues/detail?id=1654
-
[ SecurityAdvisory ] Microsoft 发布 2018 年 10 月安全公告: https://portal.msrc.microsoft.com/en-us/security-guidance/acknowledgments
-
[ Tools ] 介绍 PE-SIEVE 工具如何用于检测 Hook 和代码注入: https://speakerdeck.com/hshrzd/pe-sieve-detecting-hooking-and-code-implants
-
[ Tools ] ADAPE-Script - 活动目录自动化安全评估与权限提升脚本: https://github.com/hausec/ADAPE-Script
-
[ Tools ] 一个小型 ShellCode 加载器: https://gist.github.com/zznop/0117c24164ee715e750150633c7c1782
-
[ Tools ] 使用 Burp suite 扩展 Hackvertor 绕过 WAF 并对 XOR 解码: https://portswigger.net/blog/bypassing-wafs-and-cracking-xor-with-hackvertor
-
[ Vulnerability ] ghostscript: executeonly bypass with errorhandler setup(CVE-2018-17961)漏洞,来自 Project Zero: https://bugs.chromium.org/p/project-zero/issues/detail?id=1682
-
[ Vulnerability ] Intel NUC EBU 固件更新中的拒绝服务漏洞修复(CVE-2018-12158): https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00168.html
-
[ Windows ] Windows 10 RS5 中增加了对令牌窃取的保护: https://tyranidslair.blogspot.com/2018/10/farewell-to-token-stealing-uac-bypass.html
-
[ Crypto ] ColdFusion 使用的 CFMX_COMPAT 加密算法研究: https://www.synacktiv.com/posts/pentest/coldfusion-cfmx_compat-lolcryption.html
-
[ Pentest ] 规避 Sysmon 的手法介绍: https://www.darkoperator.com/blog/2018/10/5/operating-offensively-against-sysmon
-
[ Tools ] 用于检测HTTP上是否存在默认帐户指纹数据集: https://nmap.org/nsedoc/scripts/http-default-accounts.html Github: https://github.com/nnposter/nndefaccts
-
[ Vulnerability ] VMWare Workstation 拒绝服务漏洞披露(CVE-2018-6977): https://blog.talosintelligence.com/2018/10/vuln-spot-vmware-dos.html