
Tencent Xuanwu Lab Security Daily News
-
[ Debug ] Tool Added: The "Ultimate" anti debugging reference http://www.woodmann.com/collaborative/knowledge/index.php/The_%22Ultimate%22_anti_debugging_reference
"The "Ultimate" anti-debugging reference: https://t.co/iqiATWf4Qu"
-
[ Forensics ] Hunting for Executable Code in Windows Environments, (Thu, Feb 18th) https://isc.sans.edu/diary.html?storyid=20745&rss
"Using the PE Capture tool to discover executables running on a system, for forensic analysis: https://t.co/cY2Ja9yFZk"
-
[ Hardware ] Guide to Digital Signal Processing : http://www.dspguide.com/pdfbook.htm
"Guide to Digital Signal Processing (online book), from DSP Guide: https://t.co/Gutwihht6Z"
-
[ Hardware ] GPS hacking (PART 1) http://en.wooyun.io/2016/02/04/41.html
"The Barking Dog Plays with Radio -- GPS Hacking (Part 1), from Wooyun Drops, by Kevin2600. English version: https://t.co/2FKSMKNQ5s Chinese version: http://drops.wooyun.org/tips/11155 "
-
[ Linux ] Linux Mint ISOs were replaced with trojanized versions : http://blog.linuxmint.com/?p=2994
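"Statement on the official Linux Mint blog: users who downloaded a Mint ISO image on February 20 should check the integrity of the image, as they may have downloaded a backdoored version modified by attackers: https://t.co/IsjEKZ7wzA"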
-
[ MalwareAnalysis ] Feeling Locky (Ransomware): http://community.hpe.com/t5/Security-Research/Feeling-Locky/ba-p/6833983#.VsnBylR97qP
"The HP security team's incident response and analysis of the Locky ransomware: https://t.co/eFRo3qPb4g"
-
[ Mitigation ] Breaking KASLR with micro architecture Part 1: http://dreamsofastone.blogspot.com.ar/2016/02/breaking-kasrl-with-micro-architecture.html?m=1 by @anders_fogh
"Attacking KASLR from the perspective of CPU microarchitecture, blog post: https://t.co/ETa3wwQCCq"
-
[ Others ] All my previous paper notes (in markdown format) are now here: https://github.com/argp/argp.github.io/tree/master/_posts/paper-notes
"Papers and notes previously published by argp, GitHub repo: https://t.co/17USlvoTct"
-
[ Others ] #ICYMI Actionable Threat Intelligence: The key to efficient and comprehensive #security http://bit.ly/1OmGmnh
"A threat intelligence solution that supports actionable decisions, from a Palo Alto product white paper: https://t.co/7EhpSAD3gR"
-
[ Others ] Thanks to @TalBeerySec, @adamshostack, and Erica E for reviewing my #infosec attack surface post: http://blogs.technet.com/b/johnla/archive/2016/02/20/how-infosec-security-controls-create-vulnerability.aspx
"How information security controls can themselves become the entry point for an intrusion, from the TechNet blog, by John Lambert: https://t.co/qhBO5SuaSt"
-
[ Others ] Handy "How Google's Web Crawler Bypasses Paywalls" http://elaineou.com/2016/02/19/how-to-use-chrome-extensions-to-bypass-paywalls/
"How Google's web crawler bypasses paywalls: https://t.co/YzYx2h9Cor A paywall is a blocking system that prevents non-paying users from reading content for free."
-
[ SecurityProduct ] More insecure security software: Comodo’s on-by-default VNC app http://arstechnica.com/security/2016/02/more-insecure-security-software-comodos-on-by-default-vnc-app/
"Comodo security software installs and enables a VNC service by default, as reported by Ars Technica: https://t.co/zOvOG12Anx Project Zero issue: https://code.google.com/p/google-security-research/issues/detail?id=703 "
-
[ ThirdParty ] Breaking homegrown crypto : https://kivikakk.ee/cryptography/2016/02/20/breaking-homegrown-crypto.html
"Breaking the encryption and decryption module of the PHP framework CodeIgniter: https://t.co/osR1RSOL73"
-
[ Tools ] mcafee-sitelist-pwd-decryption : Password decryption tool for the McAfee SiteList.xml file : https://github.com/funoverip/mcafee-sitelist-pwd-decryption cc: @funoverip
"mcafee-sitelist-pwd-decryption - a password decryption tool for the McAfee SiteList.xml file, GitHub repo: https://t.co/EfNF7WydMd "
-
[ Windows ] It is said Microsoft added download prompts in Edge in Windows 10 Redstone 14267. http://wccftech.com/windows-10-redstone-build-14267-released-with-several-improvements/ @HaifeiLi
"Edge in Windows 10 Redstone build 14267 adds a download confirmation prompt; bugs fixed and features added in build 14267: https://t.co/tMONmMgOGd"