Tencent Xuanwu Lab Security Daily News
-
[ Android ] Embed a Metasploit Payload in an original .apk File https://techkernel.wordpress.com/2015/12/19/embed-metasploit-payload-in-apk-manually/
"How to embed a Metasploit Meterpreter in an .APK file, Blog: https://t.co/PS8UAaaoFG"
-
[ Linux ] STRUCTLEAK already prevented this MIPS stack infoleak: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e723e3f7f9591b79e8c56b3d7c5a204a9c571b55
"This Linux kernel Git commit fixes a MIPS SIGFPE kernel stack information leak bug: https://t.co/8E8y5LM0HF"
-
[ Malware ] Samples of the OSX Ransomware #KeRanger for your research, detection and prevention: https://paloaltonetworks.box.com/KeRangerSamples (password: KeRanger)
"Sample download for the OS X ransomware KeRanger: https://t.co/y0Sah5m9LI (password: KeRanger)"
-
[ Malware ] Great read on the reverse engineering of the Transmission build containing ransomware on OS X. http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-ransomware-keranger-infected-transmission-bittorrent-client-installer/#more-12586
"KeRanger, a new ransomware for the OS X platform, infected the Transmission BT client installer, from the Palo Alto Blog: https://t.co/raS4l6eIke"
-
[ Malware ] A Case Study of Information Stealers: Part III http://resources.infosecinstitute.com/a-case-study-of-information-stealers-part-iii/
"Case study of the Pony Stealer information-stealing tool, Part 3, from the InfoSec Blog: https://t.co/kMOG05zdv6"
-
[ Operating System ] Interesting paper on VMware's test kernel FrobOS: https://web.archive.org/web/20140123033243/https://labs.vmware.com/download/193/
"Introduction to VMware's test kernel FrobOS, PDF: https://t.co/wH7F24uHuT"
-
[ Others ] No Compiler: A journal of experiments with LLVM, binding C from Lua, and writing software without a compiler http://msm.runhello.com/p/1003
"No Compiler - writing programs in LLVM using Lua C bindings (no compiler needed): https://t.co/FQITfH2qdq"
-
[ Others ] I reimplemented the PadCrypt domain generation algorithm in Python: http://johannesbader.ch/2016/03/the-dga-of-padcrypt/
"Python implementation of the PadCrypt domain generation algorithm: https://t.co/vnCe0MFJcq"
-
[ Others ] #Analysis AMD to fix slippery hypervisor-busting bug in its CPU microcode http://reg.cx/2k8C
"AMD will soon release a CPU microcode update that fixes a hypervisor bug in the CPU microcode; exploiting this bug allows a guest virtual machine to hijack the host machine, as reported by The Register: https://t.co/U9AEHcBQPI"
-
[ Popular Software ] #Putty buffer overflow PoC cve-2016-2563 released right now. Thanks tintinweb for sharing. https://github.com/tintinweb/pub/blob/master/pocs/cve-2016-2563/poc.py https://t.co/KYf5MZqOED
"Putty buffer overflow PoC (CVE-2016-2563): https://t.co/TlH8qcDTXl https://t.co/KYf5MZqOED"
-
[ Web Security ] @NSAGov #Security #CrossSiteScripting #XSS XSS on http://www.nsa.gov https://t.co/dTv59g93QJ
"XSS on the US National Security Agency website NSA.gov (view the original image to see it clearly): https://t.co/eNEmrOfXak https://t.co/dTv59g93QJ"
-
[ Web Security ] Remote Code Execution in Apache Jetspeed 2.3.0 and earlier http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and
"Remote code execution vulnerability in Apache Jetspeed (an enterprise portal implementation) versions before 2.3.0, Blog: https://t.co/okao8HaNcD"
-
[ Windows ] Windows 10 Secure Boot information http://wp.me/p4Xaro-Rn via @wordpressdotcom
"Introduction to Windows 10 UEFI Secure Boot: https://t.co/ZMZAafBvhU"