Tencent Xuanwu Lab Security Daily News
-
[ Android ] A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code http://www.fireeye.com/blog/threat-research/2016/03/android-malware-family-origins.html
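"IBM reported in February this year that the source code of the Android malware family GM Bot was leaked last December. After recently analyzing the binary code of the SlemBunk and SimpleLocker families, FireEye believes that these all share the same family characteristics. From the FireEye Blog: https://t.co/nmzVFH5qfi "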
-
[ Attack ] Hackers Breach DDoS Protection Firm Staminus, Leak Sensitive Data Online http://feedproxy.google.com/~r/tripwire-state-of-security/~3/C1LdKsPZZI0/
"Hackers breached the DDoS protection company Staminus and leaked a large amount of sensitive information: https://t.co/VfVm4IlngT TrendMicro also published an article about this attack: http://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/ddos-protection-provider-gets-hacked?utm_source=trendlabs-social&utm_medium=twitter&utm_campaign=2016-03-staminus-hack "
-
[ Browser ] ZDI-16-199: Mozilla Firefox nsHTMLDocument SetBody Use-After-Free Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-199/
"ZDI-16-199: Firefox nsHTMLDocument SetBody UAF RCE, ZDI advisory: https://t.co/r70A910aNt"
-
[ Exploit ] https://www.slideshare.net/mobile/scovetta/fundamentals-of-exploitationrevisited A remarkably well written deck about the fundamentals of modern memory corruption.
"Exploitation and state machines, slides from 2012, by Thomas Dullien and Halvar Flake: https://t.co/VuWHGQRDQw "
-
[ Industry News ] Harman acquires TowerSec for embedded automotive software security. http://news.harman.com/releases/harman-completes-acquisition-of-towersec-automotive-cyber-security
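"Harman International has acquired TowerSec. Harman International is a manufacturer of home and automotive audio systems; the TowerSec acquisition expands its embedded automotive software security products: https://t.co/1bh6OFUotN"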
-
[ Linux ] CVE request -- linux kernel: crash on invalid USB device descriptors (cypress_m8 driver): Hello, If possible, ... http://bit.ly/1YFWxUt
"Linux kernel CVE request: invalid USB device descriptors crash the kernel (cypress_m8 driver): https://t.co/t5nOlGjdPo"
-
[ Linux ] Here it comes: "ELF: dynamic struggles" http://michalmalik.github.io/elf-dynamic-segment-struggles cc @radareorg @timstrazz
"ELF: dynamic struggles. Different analysis tools handle the dynamic-linking information in the ELF file format differently. Blog: https://t.co/VIZjnWkxOC "
-
[ Malware ] Awesome blog by @PhishMe folks http://phishme.com/ransomware-rising-criakl-osx-others/
"The number of ransomware attacks continues to rise; PhishMe's detailed analysis of recently discovered ransomware attacks: https://t.co/WzRD6sUYki"
-
[ Malware ] Locky Ransomware Arrives via Email Attachment https://blogs.mcafee.com/mcafee-labs/locky-ransomware-arrives-via-email-attachment/
"Locky ransomware spreads via email attachments, from the McAfee Blog: https://t.co/95JnxTgGLq "
-
[ Network ] 600,000 TFTP Servers Can Be Abused For Reflection DDoS Attacks http://bit.ly/1LYopB7
"600,000 TFTP servers can be abused to launch reflection DDoS attacks: https://t.co/a0BP82qKzv"
-
[ NetworkDevice ] Netgear ReadyNAS Surveillance: Unauthenticated Remote Command Execution http://goo.gl/fb/BlUiS4 #FullDisclosure
"The video surveillance component of Netgear ReadyNAS has an unauthenticated remote code execution vulnerability; advisory from FullDisclosure: https://t.co/Ra1GsTtEMn "
-
[ Others ] New Post: How I Audited An Entire Organization In 15 Minutes http://wp.me/p6Idbf-8w #cybersecurity #infosec #hacking @shodanhq
"How to use Shodan to audit the security of an entire organization in 15 minutes, Blog: https://t.co/IjW5hgYZUH "
-
[ Tools ] VBad : VBA Obfuscation Tools combined with an MS office document generator : https://github.com/Pepitoh/VBad
"VBad - a VBA code obfuscation tool with an integrated MS Office document generator, GitHub repo: https://t.co/JeYatzq9sH"
-
[ Web Security ] Exploring SSTI in Flask/Jinja2 (Part 2): https://nvisium.com/blog/2016/03/11/exploring-ssti-in-flask-jinja2-part-ii/ , Part 1: http://www.lanmaster53.com/2016/03/exploring-ssti-flask-jinja2/
"Server-side template injection in Flask/Jinja2, Part 2: https://t.co/aVwleEoiX7 Part 1 (pushed last week): https://t.co/wbujQ3Km9p"
-
[ Windows ] Windows Shell using Crypto API https://odzhan.wordpress.com/2016/03/12/windows-shells-part4/
"How to use the Windows Crypto API to provide an encryption layer for message transport in penetration testing attacks: https://t.co/ppzsLFLwSg"