腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News) - 2019/01/11

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Browser ] From Zero to Zero Day ,介绍零基础挖掘 Chakra Core 漏洞的方法,来自 35C3 大会: https://github.com/j0nathanj/Publications/tree/master/35C3_From_Zero_to_Zero_Day
[ iOS ] iOS atm port UAF 漏洞（CVE-2018-4420）PoC： https://github.com/0x36/CVE-pocs/blob/master/CVE-2018-4420-atm-uaf.c
[ Language ] Rust 语言安全研究: https://snf.github.io/2019/01/10/rust-2019-security/
[ MalwareAnalysis ] 分析 HNS P2 僵尸网络: https://www.malwaretech.com/2019/01/tracking-the-hide-and-seek-botnet.html
[ MalwareAnalysis ] FireEye 对近期发生的全球大范围 DNS 劫持活动的分析： https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
[ Others ] McAfee 对 Ryuk 勒索软件的技术分析，分析认为该攻击并不一定由国家支持而更像一场网络犯罪活动: https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ryuk-ransomware-attack-rush-to-attribution-misses-the-point/
[ Others ] SSRF 漏洞的多种利用方法， Part 1 ： https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-1-29d034c27978
[ Others ] Microsoft Application Control Solutions Bypass（CVE-2018-8492）： https://bohops.com/2019/01/10/com-xsl-transformation-bypassing-microsoft-application-control-solutions-cve-2018-8492/
[ Tools ] Cisco Talos 发布了 PyLocky 勒索软件解密工具: https://blog.talosintelligence.com/2019/01/pylocky-unlocked-cisco-talos-releases.html
[ Vulnerability ] Gradle Plugin Portal: 结合点击劫持和 CSRF 漏洞实现帐户接管： https://medium.com/bugbountywriteup/gradle-plugin-portal-clickjacking-cross-site-request-forgery-enabling-account-takeover-d65c2e43082b

[ Crypto ] 如何从 F00D 中提取密钥： https://www.lolhax.org/2019/01/02/extracting-keys-f00d-crumbs-raccoon-exploit/
[ macOS ] OSX Mojave 安全加固指南： https://github.com/ernw/hardening/blob/master/operating_system/osx/10.14/ERNW_Hardening_OS_X_Mojave.md
[ MalwareAnalysis ] Android Native病毒——2018年度研究报告： https://www.anquanke.com/post/id/169394
[ SecurityProduct ] Palo Alto Networks OS readSessionVarsFromFile Session Corruption 漏洞的另一种利用方法（CVE-2017-15944）： https://tinyhack.com/2019/01/10/alternative-way-to-exploit-cve-2017-15944-on-pan-os-6-1-0/ https://xakep.ru/2018/03/16/pan-os-exploit/