
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Decompiling XAPK Files http://calebfenton.github.io/2016/02/28/decompiling-xapk-files/
"Decompiling XAPK files, Blog: https://t.co/UIX0I8zgfD"
-
[ Attack ] Thanks to @Cyb3rOps for his work on APT groups, I started a JSON with threat actors https://github.com/MISP/misp-galaxy/blob/master/elements/adversary-groups.json to be included soon in MISP
"Collected and organized information on multiple APT groups, in JSON form, from the MISP GitHub repo: https://t.co/OuzSv1AlwY"
-
[ Detect ] Updated 'Using Passive DNS for Incident Response' with remark on sensor placement #ir https://www.vanimpe.eu/2016/02/27/passive-dns-for-incident-response/
"Using passive DNS in incident response investigations: https://t.co/oTOZs7K0ho"
-
[ Hardware ] Introducing the Raspberry Pi 3 http://wp.me/pk3lN-NJw
"Raspberry Pi 3: https://t.co/rSP07xwJFm"
-
[ Hardware ] Cellphone Surveillance: The Secret Arsenal http://goo.gl/vZS0SX #WirelessSecurity #AccessControl #MITM #Spyware
"An arsenal of cellphone eavesdropping hardware (including StingRay, Blackfin, etc.), from InfoSec Blog: https://t.co/8usDCxMPgY"
-
[ Linux ] Cyborg Hawk Linux – Penetration Testing Linux Distro http://www.darknet.org.uk/2016/03/cyborg-hawk-linux-penetration-testing-linux-distro/
"Cyborg Hawk Linux - a Linux distribution for penetration testing (includes ISO download links): https://t.co/KUgjU2NYXq"
-
[ Linux ] Some research my coworker @vavrusam and I did on different glibc attacks and a handy-dandy DNS cache traversal: https://blog.cloudflare.com/a-tale-of-a-dns-exploit-cve-2015-7547/
"The story of the DNS CVE-2015-7547 exploit, and why limiting the size of DNS response packets does not mitigate the attack. From the CloudFlare Blog: https://t.co/xDOuLE7HSV"
-
[ Malware ] Reinvented Ransomware Now Targeting WordPress Sites https://packetstormsecurity.com/news/view/26372/Reinvented-Ransomware-Now-Targeting-WordPress-Sites.html
"A new variant of the 'CTB Locker' ransomware has begun specifically targeting WordPress sites, and adds a feature for chatting online with the attacked user. Report from The Register: https://t.co/5tIXkqyxtz"
-
[ Malware ] ATMZombie Trojan strikes Israeli banks http://feedproxy.google.com/~r/SecurityBloggersNetwork/~3/d2Em6tXZaN8/story01.htm
"The ATMZombie trojan attacked Israeli banks, report from ZdNet: https://t.co/TeDEcUZQ7e Detailed technical analysis from Kaspersky: https://securelist.com/blog/research/73866/atmzombie-banking-trojan-in-israeli-waters/"
-
[ Network ] Chinese ISPs are redirecting users' legitimate traffic to malicious sites/ads http://securityaffairs.co/wordpress/44893/hacking/chinese-isps-serve-malware-ads.html
"ISPs in China are redirecting users' legitimate traffic to malicious or advertising sites, report from SecurityAffairs: https://t.co/QjSvplnepq WooYun also published an article on this issue yesterday, "Have You Been 'Had' by Your ISP Today?": http://weibo.com/ttarticle/p/show?id=2309403947881995354308"
-
[ Pentest ] Quick Analysis of a Recent MySQL Exploit, (Mon, Feb 29th) https://isc.sans.edu/diary.html?storyid=20781&rss
"InfoSec Handlers Diary Blog analysis of a MySQL exploit sample recently captured by a honeypot: https://t.co/JXBxKtghMl"
-
[ Pentest ] Ranger - A tool to support security professionals to access and interact with remote Microsoft Windows based systems https://github.com/funkandwagnalls/ranger
"Ranger - a remote penetration testing tool for Windows, a single Python file, supporting multiple methods of remote code execution: https://t.co/0AUpH1U7I2"
-
[ Popular Software ] @bsidessf Arne Swinnen - "The tales of a bug bounty hunter" exploits in Instagram and Facebook https://t.co/Dr2G9eAvJf
"The tales of a bug hunter and 10 Instagram vulnerabilities: https://www.arneswinnen.net/2016/02/the-tales-of-a-bug-bounty-hunter-10-interesting-vulnerabilities-in-instagram/"
-
[ ReverseEngineering ] Wrote a brief post on binary diffing with Kam1n0 for @WhitehattersA https://www.whitehatters.academy/diffing-with-kam1n0/
"Binary diffing with kam1n0 (Windows platform): https://t.co/BlmgE9lXK4"
-
[ Tools ] Regarding more secure updates: https://theupdateframework.github.io/
"TUF - a secure software update framework: https://t.co/ALHIMQD85L GitHub repo: https://github.com/theupdateframework/tuf"
-
[ Web Security ] Common Security Issues in Financially-Orientated Web Applications https://www.nccgroup.trust/uk/our-research/common-security-issues-in-financially-orientated-web-applications/
"Common security issues in financial web applications, an introductory document from NCC Group written for penetration testers; this paper was written in June 2015: https://t.co/fVwiUnrOky"
-
[ Windows ] Project Zero blog: The Definitive Guide on Win32 to NT Path Conversion by @tiraniddo - https://goo.gl/ueDHY9
"Win32 to NT path conversion, from the Project Zero Blog, by James Forshaw: https://t.co/YQh8E5CjG1"