Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Detailed analysis of the Firefox JavaScript type confusion RCE vulnerability (CVE-2018-12386): https://blogs.securiteam.com/index.php/archives/3765
-
[ Industry News ] Security support for PHP 5.6.x will officially end on December 31, 2018; around 62% of Internet sites will be running an unsupported PHP version: https://www.zdnet.com/article/around-62-of-all-internet-sites-will-run-an-unsupported-php-version-in-10-weeks/
-
[ MalwareAnalysis ] Behaviour analysis of lightweight malware using dynamic binary instrumentation: https://www.slideshare.net/MaximShudrak/tricky-sample-hack-it-easy-applying-dynamic-binary-inastrumentation-to-lightweight-malware-behaviour-analysis
-
[ Others ] How to find new persistence techniques: http://www.hexacorn.com/blog/2018/10/14/how-to-find-new-persistence-tricks/
-
[ Tools ] haxxmap - a tool that proxies an IMAP service to capture passwords: https://github.com/mrexodia/haxxmap
-
[ Tools ] tcpbin - a tool that records detailed logs of TCP sockets: https://github.com/ecx86/tcpbin
-
[ Tools ] CANalyzat0r - a security analysis tool for proprietary automotive protocols: https://www.schutzwerk.com/en/43/posts/canalyzat0r/
-
[ Tools ] censys-subdomain-finder - a tool that collects subdomains from Censys's certificate transparency logs: https://github.com/christophetd/censys-subdomain-finder
-
[ Android ] Introduction to and demonstration of the Android Pwn2Own 2017 vulnerabilities: https://labs.mwrinfosecurity.com/assets/BlogFiles/the-mate-escape-huawei-pwn2own-2018-10-13.pdf
-
[ Blockchain ] Not a fair game: a fairness analysis of Dice2win: http://blogs.360.cn/post/Fairness_Analysis_of_Dice2win.html
-
[ Industry News ] CloudFlare integrates XDP into its DDoS mitigation strategy: https://netdevconf.org/2.1/slides/apr6/bertin_Netdev-XDP.pdf
-
[ MalwareAnalysis ] In-depth analysis of a Hancitor malware sample: 1) https://0ffset.wordpress.com/2018/08/12/post-0x16-hancitor-stage-1/ 2) https://0ffset.wordpress.com/2018/10/14/post-0x16-hancitor-stage-2/
-
[ Others ] Security audit report of Mozilla's Firefox application update service: https://drive.google.com/file/d/1v53GCYPxzoZmB1dCop1yJfZgS1wi64dS/view
-
[ Others ] 'How to irregular cyber warfare', an introduction to irregular cyber warfare strategy: https://blog.erratasec.com/2018/10/how-to-irregular-cyber-warfare.html#.W8NRddUzaUk
-
[ Symbolic Execution ] Using symbolic execution to automatically analyze heap allocators and evaluate whether a patch mitigates an attack (paper): https://securitygossip.com/blog/2018/10/12/heaphopper-bringing-bounded-model-checking-to-heap-implementation-security/
-
[ Symbolic Execution ] A detailed introduction to a symbolic emulator: Part 1: https://sean.heelan.io/2012/03/23/anatomy-of-a-symbolic-emulator-part-1-trace-generation/ Part 2: https://sean.heelan.io/2012/03/23/anatomy-of-a-symbolic-emulator-part-2-introducing-symbolic-data/
-
[ Tools ] Introduction to a backdoor for Oracle JDBC: https://medium.com/@airman604/introducing-jdbc-backdoor-175fbb509f62 GitHub: https://github.com/airman604/jdbc-backdoor
-