Tencent Xuanwu Lab Security Daily News (腾讯玄武实验室安全动态推送)
-
[ Android ] From Android ART (binary-only) to DEX? Yes, we can ! : http://reyammer.blogspot.in/2016/03/from-android-art-binary-only-to-dex-yes.html
"From Android ART (binary-only) to DEX: this blog post is a write-up of an Android challenge from 0CTF Quals 2016: https://t.co/0kVxGIq5eK"
-
[ Android ] Linux Kernel Exploitation on Android : https://github.com/Fuzion24/AndroidKernelExploitationPlayground cc: @Fuzion24
"AndroidKernelExploitationPlayground - Android kernel exploitation practice, from the GitHub repo: https://t.co/VVKpB2WVVH This project focuses on the kernel side; vulnerable Android application practice targets were pushed earlier: https://github.com/nil1666/AuditDroid https://github.com/payatu/diva-android/ "
-
[ Attack ] New post: Exploit Kits in 2015: Scale and Distribution http://bit.ly/1TMCKTV @TrendMicro
"The scale and distribution of exploit kits in 2015, from the TrendMicro blog: https://t.co/hhozwz2lgC "
-
[ Attack ] Targeted social engineering attack sees blueprints stolen and used http://www.itgovernance.co.uk/blog/targeted-social-engineering-attack-sees-blueprints-stolen-and-used/
"A manufacturing company's equipment blueprints were stolen and sold. Blog: https://t.co/zP5CRRotnc The post draws on Verizon's Data Breach Digest: http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest_xg_en.pdf "
-
[ Attack ] To bypass code-signing checks, SuckFly malware gang steals lots of certificates http://arstechnica.com/security/2016/03/to-bypass-code-signing-checks-malware-gang-steals-lots-of-certificates/
"To bypass code-signing checks, the SuckFly malware gang stole a large number of code-signing certificates: https://t.co/1JtCkYCkp7"
-
[ Attack ] DDoSing with Other People's Botnets : http://www.malwaretech.com/2016/03/ddosing-with-other-peoples-botnets.html cc: @MalwareTechBlog
"DDoSing with other people's botnets: after analysing the ZeroAccess C&C architecture, the author found it is entirely possible to turn ZeroAccess's C&C infrastructure to one's own use: https://t.co/FZKaTyve2w "
-
[ Debug ] An Introduction to Debugging the Windows Kernel with WinDbg http://contextis.com/resources/blog/introduction-debugging-windows-kernel-windbg/
"An introduction to debugging the Windows kernel with WinDbg, from the Context blog: https://t.co/7Rv8xRVmgT"
-
[ iOS ] New Trojan #AceDeceiver entered App Store, infected non-jailbroken iOS via FairPlay MITM attack w/o enterprise cert: http://researchcenter.paloaltonetworks.com/2016/03/acedeceiver-first-ios-trojan-exploiting-apple-drm-design-flaws-to-infect-any-ios-device/
"New iOS Trojan AceDeceiver: the first iOS Trojan to exploit design flaws in Apple's DRM protection mechanism. The technique is called a FairPlay man-in-the-middle attack; with it, the Trojan can be installed on a device without an enterprise certificate. From the Palo Alto Networks blog: https://t.co/UdM0tvZJBR"
-
[ Malware ] EDA2, derived from the educational ransomware, is easy to break http://securityaffairs.co/wordpress/45336/cyber-crime/eda2-easy-decryption.html
"EDA2 is educational ransomware written by security researcher Utku Sen. Variants of EDA2 have now appeared in the wild, and researchers say they are easy to defeat: https://t.co/A7LxedzsQK"
-
[ Malware ] Security vs convenience: The story of ransomware spread by spam email – Naked Security http://ow.ly/ZwgBB
"Security versus convenience: the story of ransomware spread by spam email, from the Naked Security blog: https://t.co/9pwfIMyUpj"
-
[ Malware ] TeslaCrypt Ransomware Arrives via Neutrino Exploit Kit https://blogs.mcafee.com/mcafee-labs/teslacrypt-arrives-via-neutrino-exploit-kit/
"McAfee recently observed a new delivery route for TeslaCrypt: the Neutrino Exploit Kit: https://t.co/S3bTf08yjv"
-
[ Malware ] A Look Into Malvertising Attacks Targeting The UK https://blog.malwarebytes.org/malvertising-2/2016/03/a-look-into-malvertising-attacks-targeting-the-uk/
"Malvertising campaigns targeting the UK, from the Malwarebytes blog: https://t.co/SrrkeYGdP0"
-
[ Operating System ] QNX Security Architecture - https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-qnx-security-whitepaper-2016-03-14.pdf #lowlevel
"QNX operating system security architecture, a white paper from MWR: https://t.co/dJOLANErWp "
-
[ Others ] Slides from my #smashingconf talk "HTTP/2 What, where, why, and when?!" are now online: https://speakerdeck.com/patrickhamann/http2-what-where-why-and-when-smashing-conference-march-2016
"HTTP/2: What, where, why, and when. Slides from Smashing Conference: https://t.co/ZYfIOPX2nd"
-
[ Others ] Integer signedness error in the amd64_set_ldt() function in the FreeBSD kernel leading to a wild heap overflow: http://www.coresecurity.com/advisories/freebsd-kernel-amd64setldt-heap-overflow
"FreeBSD kernel amd64_set_ldt heap overflow (CVE-2016-1885). The bug is caused by an integer signedness error; it can only be triggered locally and lets a local user crash the kernel. From Core Security: https://t.co/F9M4OsDeco"
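The bug class behind this advisory, a signed index slipping past a bounds check, is worth seeing side by side with the check that would have stopped it. The following is an added illustration written for this digest, not the FreeBSD amd64_set_ldt() code or Core Security's proof of concept: the table, the `set_req` layout, the field names and the 16-entry size are all hypothetical. The vulnerable check accepts a negative `start`, and the simulated apply step reports the resulting out-of-table write instead of performing it.

```c
/*
 * Added illustration of an integer-signedness error in a bounds check.
 * NOT the FreeBSD amd64_set_ldt() code: table, request layout, names and
 * sizes below are hypothetical.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 16u                 /* hypothetical table size */

struct table { uint64_t entries[MAX_ENTRIES]; };

/* Hypothetical request from user space: a signed start index and an
 * unsigned count, the signed/unsigned mix typical of this bug class. */
struct set_req { int start; unsigned int num; };

enum outcome { REJECTED, WRITTEN, WILD_WRITE };

/* Vulnerable check: start is signed, so a negative start makes
 * start + num pass the upper-bound test although the write would land
 * before the table. (Also undefined for start near INT_MAX.) */
static bool check_vuln(const struct set_req *r)
{
    if (r->num == 0 || r->num > MAX_ENTRIES)
        return false;
    int largest = r->start + (int)r->num;   /* negative start slips through */
    return largest <= (int)MAX_ENTRIES;
}

/* Fixed check: reject a negative start up front, then test the range in
 * unsigned arithmetic written so that it cannot wrap. */
static bool check_fixed(const struct set_req *r)
{
    if (r->start < 0)
        return false;
    if (r->num == 0 || r->num > MAX_ENTRIES)
        return false;
    unsigned int s = (unsigned int)r->start;
    return s <= MAX_ENTRIES - r->num;       /* i.e. s + num <= MAX_ENTRIES */
}

/* Apply a request after the given check. Instead of performing an
 * out-of-bounds copy, report WILD_WRITE and store in *off the byte offset
 * the copy would have started at (negative = before the table). */
static enum outcome apply_request(struct table *t, const struct set_req *r,
                                  bool (*check)(const struct set_req *),
                                  const uint64_t *src, long *off)
{
    if (!check(r))
        return REJECTED;
    *off = (long)r->start * (long)sizeof(uint64_t);
    if (r->start < 0 || (unsigned int)r->start + r->num > MAX_ENTRIES)
        return WILD_WRITE;                  /* would corrupt adjacent memory */
    memcpy(&t->entries[r->start], src, (size_t)r->num * sizeof(uint64_t));
    return WRITTEN;
}

/* One-call wrapper over a scratch table, used by main() and by callers
 * that only need the verdict and the offset. */
static enum outcome try_request(int start, unsigned int num,
                                bool (*check)(const struct set_req *), long *off)
{
    static struct table scratch;
    static const uint64_t src[MAX_ENTRIES] = { 1, 2, 3, 4 };   /* constructed data */
    struct set_req r = { start, num };
    return apply_request(&scratch, &r, check, src, off);
}

int main(void)
{
    long off;
    struct set_req reqs[] = { { 12, 4 }, { 13, 4 }, { -8, 4 } };   /* constructed */
    const char *names[] = { "REJECTED", "WRITTEN", "WILD_WRITE" };
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        enum outcome v = try_request(reqs[i].start, reqs[i].num, check_vuln, &off);
        printf("start=%3d num=%u  vulnerable check: %-10s",
               reqs[i].start, reqs[i].num, names[v]);
        if (v == WILD_WRITE)
            printf(" (would write at byte offset %ld)", off);
        enum outcome f = try_request(reqs[i].start, reqs[i].num, check_fixed, &off);
        printf("  fixed check: %s\n", names[f]);
    }
    return 0;
}
```

The request `{ -8, 4 }` is the interesting case: `-8 + 4` is well below 16, so the signed comparison accepts it, and the copy would start 64 bytes before the table. The fixed check rejects it on the sign test, and its remaining comparison is arranged as `s <= MAX - num` rather than `s + num <= MAX` so that no intermediate sum can wrap.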
-
[ Others ] Talos Blog: TeslaCrypt 3.0.1 - Tales From The Crypt(o)! http://tinyurl.com/gpjmoq9
"TeslaCrypt 3.0.1, tales from the crypt(o): this Talos blog post analyses the encryption scheme used by version 3.0.1 of the TeslaCrypt ransomware: https://t.co/hU5LJHsyBZ"
-
[ Others ] partial writeup / exploit for very cool kernel challenge from @0opsCN https://github.com/acama/ctf/tree/master/0ctfquals2016/(%E3%81%A5%EF%BF%A3%203%EF%BF%A3)%E3%81%A5
"Kernel exploit for a 0CTF Quals 2016 challenge, GitHub: https://t.co/NUi3WGpPIO"
-
[ Others ] #Pwn2Own Remember: Full Schedule is at @Trendmicro http://blog.trendmicro.com/pwn2own-2016-begun/
"Schedule for the Pwn2Own 2016 contest: https://t.co/bHDctdrTvV The schedule on the ZDI site also includes the results of day one: http://community.hpe.com/t5/Security-Research/Pwn2Own-2016-The-lineup-and-schedule/ba-p/6841867#.VuoSZialilM "
-
[ Pentest ] Abusing PuTTY & Pageant through native functionality https://labs.mwrinfosecurity.com/blog/abusing-putty-and-pageant-through-native-functionality/
"Abusing PuTTY and Pageant through native functionality, from the MWR blog: https://t.co/nxVR6uHSZL "
-
[ Pentest ] Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests. https://github.com/peacand/burp-pyTemplate
"Burp-pyTemplate - a Burp extension that generates a minimal Python exploit skeleton from a request captured by the Burp proxy: https://t.co/L5w3cjWt2w"
-
[ Pentest ] Inveigh #PowerShell LLMNR/NBNS spoofer updated with Potato style remote NBNS spoofing and a more detailed readme https://github.com/Kevin-Robertson/Inveigh
"Inveigh - an LLMNR/NBNS spoofer written in PowerShell, GitHub repo: https://t.co/drlzVj4R24"
-
[ Pentest ] My Cobalt Strike Scripts from NECCDC http://blog.cobaltstrike.com/2016/03/16/my-cobalt-strike-scripts-from-neccdc/
"The Cobalt Strike scripts the author used at the NECCDC competition: https://t.co/ONlZS0DJ1c "
-
[ Pentest ] Uploading files to compromised systems : http://ly0n.me/2015/10/21/uploading-files-to-compromised-systems/
"During a penetration test, what are the ways to get files onto a machine that has already been compromised? This blog post covers several: the Windows debug utility, TFTP, FTP and HTTP: https://t.co/EQ3f2rkGkX"
-
[ Popular Software ] @HaifeiLi it wouldn't be the first time that virtualization software ends up making exploitation easier: http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug
"Virtual PC hypervisor memory protection bug, a bug from 2010, from the Core Security advisory: https://t.co/e1uEoeWQB0"
-
[ Popular Software ] Server & Client side RCE through a buffer overflow in all git ver < 2.7.1 : http://seclists.org/oss-sec/2016/q1/645
"Buffer overflow leading to RCE in Git versions before 2.7.1 (CVE-2016-2324 and CVE-2016-2315); both client and server are affected. Reported on the oss-sec mailing list: https://t.co/7ab3MiLNxq"
-
[ Programming ] Programming Language Design : https://www.cs.berkeley.edu/~bh/pdf/v3ch04.pdf (pdf)
"Chapter 4 of a Berkeley programming language design course: https://t.co/DDwoVN8Fsy Remaining chapters: https://www.cs.berkeley.edu/~bh/pdf/ "
-
[ Tools ] Honerix: Online,distributed honeypot for capturing web-based attacks : https://www.honerix.com/
"Honerix - a distributed honeypot for capturing web-based attacks, official site: https://t.co/cTD1kLI2va"
-
[ Tools ] ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks : http://s3.eurecom.fr/docs/asiaccs16_graziano.pdf (pdf)
"ROPMEMU - a framework for analysing complex code-reuse attacks, paper: https://t.co/0eW48kaXpG "