Tencent Xuanwu Lab Security Daily News
-
[ Android ] A roundup of reverse engineering tools for Android applications: https://www.peerlyst.com/posts/reverse-engineering-tools-for-android-application-sudhendu
-
[ Attack ] Gaining persistent control of a system by infecting BMC firmware: https://eclypsium.com/2018/12/19/remotely-bricking-a-server/
-
[ Forensics ] Version 7.12 of UFED 4PC, UFED Touch2 and UFED Physical Analyzer released: https://cf-media.cellebrite.com/wp-content/uploads/2018/12/ReleaseNotes_UFED_and_UFEDPA_7.12.pdf
-
[ Hardware ] Fomu - a tiny FPGA board that fits in a USB port: https://www.crowdsupply.com/sutajio-kosagi/fomu/
-
[ Malware ] Miori IoT botnet spreads via a ThinkPHP RCE vulnerability: https://blog.trendmicro.com/trendlabs-security-intelligence/with-mirai-comes-miori-iot-botnet-delivered-via-thinkphp-remote-code-execution-exploit/
-
[ MalwareAnalysis ] Analysis of the Smoke Loader used in the new Tsunami campaign: https://unit42.paloaltonetworks.com/analysis-of-smoke-loader-in-new-tsunami-campaign/
-
[ Others ] Research on MD5 collisions in image files: https://github.com/corkami/pocs/blob/master/collisions/README.md
-
[ SecurityProduct ] Windows Defender ATP now protects USB and removable devices: https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/
-
[ Tools ] Reverse engineering framework Miasm releases v0.1.0: https://twitter.com/i/web/status/1075697375233093633
-
[ Tools ] RDP MITM - building an RDP honeypot that records screen images and keystrokes: https://gosecure.net/2018/12/19/rdp-man-in-the-middle-smile-youre-on-camera/
-
[ Tools ] sshLooterC - a C version of the SSHLooter project, which steals ssh passwords: https://github.com/mthbernardes/sshLooterC
-
[ Tools ] DreamLoader - a PE loader implemented in ASM: https://github.com/86hh/DreamLoader
-
[ Tools ] Plaso 20181219 released, with an overview of the release: http://blog.kiddaland.net/2018/12/plaso-20181219-released.html
-
[ Vulnerability ] 0day in forticlient 6.0.3.0155: analysis of three local privilege escalation vulnerabilities in Fortinet: https://blog.secu.dk/blog/Forticlient/
-
[ Vulnerability ] Public disclosure of a 0day vulnerability allowing arbitrary file read from a non-administrator account: https://twitter.com/i/web/status/1075605011105767424
-
[ Vulnerability ] Multiple vulnerabilities disclosed in WIBU-SYSTEMS WibuKey.sys: https://blog.talosintelligence.com/2018/12/vulnerability-spotlight-multiple-vulns-wibu.html
-
[ Windows ] Introduction to Microsoft's Project Mu, an open-source version of the Unified Extensible Firmware Interface (UEFI): https://blogs.windows.com/buildingapps/2018/12/19/%e2%80%afintroducing-project-mu/
-
-
[ Browser ] Write-up of the Apple Safari sandbox escape vulnerability (CVE-2018-4196) from Pwn2Own 2018, from ZDI: https://www.zerodayinitiative.com/blog/2018/12/20/really-check-errors-pointing-to-the-object-of-your-desire
-
[ Linux ] Linux Kernel 4.4 - 'rtnetlink' stack memory disclosure vulnerability PoC (CVE-2016-4486): https://www.exploit-db.com/exploits/46006
-
-
[ Vulnerability ] Two RCE vulnerabilities disclosed in SharePoint: https://soroush.secproject.com/blog/2018/12/story-of-two-published-rces-in-sharepoint-workflows/
-