
Tencent Xuanwu Lab Security Daily News
-
[ Android ] We just published Marvin: An OSS static+dynamic code analysis system that finds bugs in Android apps, BSD license: https://github.com/programa-stic/marvin-django/blob/master/README_en.md
"Marvin: a system for finding bugs in Android apps. It supports static and dynamic analysis and includes a web management platform. GitHub repo: https://t.co/Pu6rdhIe9J"
-
[ Attack ] New #phishing attacks exploit Gmail's open-source code. What to look for: http://bit.ly/1Qkt3F8
"New phishing attacks disguised as the Gmail login page, from the McAfee Blog: https://t.co/k3j93g8nP0"
-
[ Browser ] Stealing Secrets with CSS : Cross Origin CSS Attacks : http://blog.k3170makan.com/2016/02/stealing-secrets-with-css-cross-origin.html
"Stealing data with CSS - cross-origin CSS attacks (CVE-2015-5826 / CVE-2015-1287): https://t.co/dCiPsYBmbr An article analyzing the same issue was pushed the day before yesterday: http://blog.innerht.ml/cross-origin-css-attacks-revisited-feat-utf-16/"
-
[ Hardware ] Modern Microprocessors : http://www.lighterra.com/papers/modernmicroprocessors/
"Design and architecture of modern microprocessors: https://t.co/Jx1blejl3N"
-
[ Hardware ] NCC Group Whitepaper: Building WiMap the Wi-Fi Mapping Drone - https://www.nccgroup.trust/uk/our-research/building-wimap-the-wi-fi-mapping-drone/
"WiMap - a Wi-Fi mapping drone built by NCC Group: https://t.co/uuKjCyjnZM"
-
[ IoTDevice ] Pwning CCTV cameras : https://www.pentestpartners.com/blog/pwning-cctv-cameras/
"Attacking CCTV cameras: a suspected backdoor in the DVR camera firmware sends images to an email address in China. From the PenTestPartners Blog: https://t.co/Xd5DGUT1GU"
-
[ IoTDevice ] Remotely Disabling a Wireless Burglar Alarm http://blog.ioactive.com/2016/02/remotely-disabling-wireless-burglar.html
"Remotely disabling a wireless burglar alarm, from the IOActive Blog: https://t.co/euH8MJmrJb"
-
[ Malware ] New Ransomware Mimics Dridex-Style Distribution ~ Locky ~ http://researchcenter.paloaltonetworks.com/2016/02/locky-new-ransomware-mimics-dridex-style-distribution/
"Locky - a new ransomware that mimics Dridex's style and uses similar file names: https://t.co/Zoj3IaVSBh"
-
[ MalwareAnalysis ] The Dridex Banking Trojan - Analysis : http://www.techknow.one/forum/index.php?topic=9346
"An analysis of the Dridex banking trojan posted on the TechKnow forum: https://t.co/kvUX854yrK"
-
[ MalwareAnalysis ] AlienVault's re-analysis to OSX Trojan #OceanLotus (used in an APT last year): https://www.alienvault.com/open-threat-exchange/blog/oceanlotus-for-os-x-an-application-bundle-pretending-to-be-an-adobe-flash-update
"AlienVault's analysis of the OceanLotus trojan: https://t.co/5Ai8APADFr Last year 360 published an analysis report on OceanLotus; this AlienVault article mainly analyzes the OS X version of the OceanLotus sample. This trojan appeared in APT attacks last year."
-
[ Others ] Machine code for Beginners : https://drive.google.com/file/d/0B2Z4GOoRXHWUVUl1VERFUGVUOG8/view (On-req)
"An introductory tutorial on machine code, PDF: https://t.co/jpj5QIyFpk"
-
[ Others ] Ones and Zeros (Part 2 ): Making Executable Files : http://www.hanshq.net/making-executables.html , Part 1 : http://www.hanshq.net/ones-and-zeros.html
"Ones and zeros in memory: Part 2, building executable files: https://t.co/ECEMjUmShd Part 1: https://t.co/uC3Ux01jhv"
-
[ Others ] Automatic Patch Generation by Learning Correct Code http://people.csail.mit.edu/fanl/papers/prophet-popl16.pdf
"A paper from MIT on a system that learns from a large number of patches in open-source code and then generates patches automatically. Paper: https://t.co/qgmrEQhZ2w"
-
[ SecurityProduct ] New blog from Nettitude’s @ kyREcon: Exploiting a Kernel Paged Pool Buffer Overflow in Avast Virtualisation Driver: http://ow.ly/Yr4Iq
"Exploiting a kernel paged pool buffer overflow in the Avast virtualization driver (CVE-2015-8620). Avast has a buffer overflow when handling functionality related to 'Sandbox' and 'DeepScreen'; exploiting it allows privilege escalation from Guest to SYSTEM. From the Nettitude Blog: https://t.co/sh2MDkMNPu"
-
[ Web Security ] A few slides about my XSSmas15 solution: http://www.slideshare.net/cgvwzq/a-xssmas-carol
"Solution to the XSSmas15 challenge: https://t.co/0DWIEXG1S8"