Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Google Chrome skia::SkTDPQueue::insert heap overflow vulnerability disclosed (CVE-2018-18338): https://bugs.chromium.org/p/chromium/issues/detail?id=890576
-
[ Browser ] Out-of-bounds read/write vulnerability caused by a type error in Chrome V8 (CVE-2019-5782), with an introduction to its exploitation: https://github.com/vngkv123/aSiagaming/tree/master/Chrome-v8-906043
-
[ Malware ] Trend Micro finds malware developed in .NET being used to infect macOS systems: https://blog.trendmicro.com/trendlabs-security-intelligence/windows-app-runs-on-mac-downloads-info-stealer-and-adware/
-
[ Malware ] First malware found on the Google Play store that steals cryptocurrency by replacing wallet addresses in the clipboard - 'Clipper': https://threatpost.com/clipper-malware-google-play/141669/
-
[ MalwareAnalysis ] Analysis of a .NET downloader that uses Ethereum transactions for C&C communication: https://medium.com/@quoscient/ethereum-threat-actors-part-1-dotnet-downloader-using-ethereum-transactions-for-c-c-updates-a6e244d6a402
-
[ Pentest ] Introduction to the domain fronting technique: https://digi.ninja/blog/domain_fronting.php Domain fronting with CloudFront: https://digi.ninja/blog/cloudfront_example.php
-
[ Popular Software ] Introduction to another Adobe Reader vulnerability, following Bad-PDF, that leaks NTLM hashes over SMB: https://blog.0patch.com/2019/02/sorry-adobe-reader-were-not-letting-you.html
-
[ Protocol ] Microsoft releases the white paper "Solving the TLS 1.0 Problem, 2nd Edition", providing the latest approach for disabling TLS 1.0: https://cloudblogs.microsoft.com/microsoftsecure/2019/02/11/solving-the-tls-1-0-problem/
-
[ ReverseEngineering ] Reverse engineering a Philips TriMedia CPU based IP camera - Part 2: https://blog.quarkslab.com/reverse-engineering-a-philips-trimedia-cpu-based-ip-camera-part-2.html
-
[ ReverseEngineering ] Linux CTF reverse engineering tutorial for beginners: https://osandamalith.com/2019/02/11/linux-reverse-engineering-ctfs-for-beginners/
-
[ ReverseEngineering ] How to bypass Instagram SSL pinning on Android: https://plainsec.org/how-to-bypass-instagram-ssl-pinning-on-android-v78/
-
[ SecurityAdvisory ] US-CERT publishes its vulnerability summary for the week of February 4, 2019: https://www.us-cert.gov/ncas/bulletins/SB19-042
-
[ Tools ] Introduction to the open-source malware scanner PE-sieve: https://drive.google.com/file/d/1pIjYznL7Ww0sTFzCCHMxhchsnfH5TwfG/view
-
[ Tools ] Browser XSS Filter bypass cheat sheet: https://github.com/masatokinugawa/filterbypass/wiki/Browser's-XSS-Filter-Bypass-Cheat-Sheet
-
[ Tools ] Detecting the ExchangePriv vulnerability with Azure ATP: https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/How-to-win-the-latest-security-race-over-NTLM-relay/ba-p/334511
-
[ Tools ] webkit-bugmap - a research tool for visualizing WebKit security vulnerabilities: https://bugmap.gitlab.io/webkit/
-
[ Virtualization ] Tutorial series on writing a virtual machine hypervisor for the 64-bit ARM architecture, Part 1: https://ashw.io/blog/arm64-hypervisor-tutorial/1
-
[ Vulnerability ] Webiness Inventory 2.3 'email' parameter SQL injection vulnerability disclosed: https://www.exploit-db.com/exploits/46350
-
[ Vulnerability ] runc container escape vulnerability disclosed; it allows a malicious container to overwrite a host binary and thereby gain code execution with root privileges (CVE-2019-5736): https://www.openwall.com/lists/oss-security/2019/02/11/2 https://www.us-cert.gov/ncas/current-activity/2019/02/11/runc-Open-Source-Container-Vulnerability
-
[ Vulnerability ] CentOS Web Panel 0.9.8.763 stored XSS vulnerability disclosed (CVE-2019-7646): https://www.exploit-db.com/exploits/46349
-
[ Others ] Locked file access using ESENTUTL.exe: https://dfironthemountain.wordpress.com/2018/12/06/locked-file-access-using-esentutl-exe/