Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Read this free report on Operation Blockbuster, the Lazarus Group takedown: http://symc.ly/1RoS03U https://t.co/sKXG0zVUSR
"Investigation report on Operation Blockbuster. The group behind this operation is Lazarus, the same group behind the 2014 Sony attack: https://t.co/37tnITLJ5g https://t.co/sKXG0zVUSR"
-
[ Attack ] #ProjectM: Link found between Pakistani actor and Operation Transparent Tribe http://bit.ly/25owbLe #Unit42
"ProjectM - the link between a Pakistani actor and Operation Transparent Tribe, from the Palo Alto Blog: https://t.co/Jn3gZSq1yd"
-
[ Attack ] Hackers stole records of 1.5 million customers of Verizon Enterprise http://securityaffairs.co/wordpress/45629/data-breach/verizon-enterprise-portal-hacked.html
"Hackers stole the data of 1.5 million Verizon customers and are trading it on the underground market: https://t.co/qJbfTxuUTL"
-
[ Linux ] Advanced Linux Programming Book : http://advancedlinuxprogramming.com/alp-folder/
"Advanced Linux Programming (book, PDF): https://t.co/KMKBcafGSt"
-
[ Mac OS X ] Great deck and bugs from @ osxreverser presented at #syscan360, thanks for the greetz :) http://go.sentinelone.com/rs/327-MNM-087/images/SyScan360%20SG%202016%20-%20Memory%20Corruption%20is%20for%20wussies.pdf
"Memory Corruption is for wussies, from Pedro Vilaça's talk at the SyScan 360 conference, on how to use non-memory-corruption vulnerabilities in OS X to escalate privileges and bypass SIP from user mode: https://t.co/JTqxYlbGgz"
-
[ Malware ] Awesome list of legitimate apps PlugX malware uses to sideload its DLL loader & malicious payloads. #DFIR #infosec https://twitter.com/hexacorn/status/713152309983883265
"The PlugX malware hijacks multiple applications via DLL side-loading. List of the hijacked applications: http://www.hexacorn.com/blog/2016/03/10/beyond-good-ol-run-key-part-36/"
-
[ Malware ] Researchers at G DATA have discovered new type of #ransomware: #Petya encrypts hard drives: https://blog.gdatasoftware.com/2016/03/28213-ransomware-petya-encrypts-hard-drives https://t.co/GohgjhsFbo
"Researchers at G DATA have discovered a new type of ransomware: Petya, which encrypts the entire hard drive: https://t.co/PT3Z49epwO https://t.co/GohgjhsFbo TrendMicro's analysis of this ransomware: http://blog.trendmicro.com/trendlabs-security-intelligence/petya-crypto-ransomware-overwrites-mbr-lock-users-computers/ It overwrites the MBR, triggers a blue screen, and displays the ransom message on the boot screen"
-
[ Malware ] Threat Alert: “PowerWare,” New #Ransomware Written in PowerShell, Targets Organizations via Microsoft Word - http://ow.ly/ZVBpW
"Threat alert: 'PowerWare' - new ransomware written in PowerShell, attacking enterprises via MS Word: https://t.co/Ukr3nDerKD"
-
[ Malware ] The Secret Behind CryptoWall’s Success: Key Findings from our Hacker Intelligence Initiative Report http://blog.imperva.com/2016/03/the-secret-behind-cryptowalls-success-key-findings-from-our-hacker-intelligence-initiative-report.html
"The secret behind CryptoWall's success: some key points from the Imperva Hacker Intelligence Initiative report: https://t.co/IhJ2laU5sC"
-
[ Malware ] More examples of malicious Powershell use triggered by .LNK files https://blogs.mcafee.com/mcafee-labs/malware-employs-powershell-to-infect-systems/ by @ Seifreed #malware #powershell
"Malware that triggers PowerShell scripts through shortcut files embedded in attachments: https://t.co/kNoMYj8oEY"
-
[ Others ] Gotta admit, I love reading about compiler bugs for some reason. Nice work @ BruceDawson0xB https://twitter.com/BruceDawson0xB/status/713208982303678464
"Bruce Dawson found two compiler bugs while porting the Chromium project to the VC++ 2015 build environment. The author's tweet: https://t.co/NbJqYc5G3E Blog: https://randomascii.wordpress.com/2016/03/24/compiler-bugs-found-when-porting-chromium-to-vc-2015/"
-
[ ThirdParty ] Remote Code Execution in Apache OpenMeetings : http://haxx.ml/post/141655340521/all-your-meetings-are-belong-to-us-remote-code cc: @ addelindh
"Remote code execution vulnerability in Apache OpenMeetings, the open-source video conferencing and collaboration system: https://t.co/7huG9ZfBtq"
-
[ ThreatIntelligence ] Only 42% of infosec pros use shared threat intelligence http://bit.ly/22C9HnF @ McAfee_Labs
"Only 42% of information security professionals use threat intelligence: https://t.co/q2eg9CBNbb"
-
[ Tools ] I added .@ sysinternals #sysmon support to .@ williballenthin's process-forest https://github.com/williballenthin/process-forest #DFIR
"process-forest - reconstructs the historical process hierarchy and parent-child relationships from Windows log information: https://t.co/Oif5qEQ3o1"
-
[ Web Security ] Dear XSSer, two XSS challenges are here. Can you solve it? :) http://shibuya.vulnerabledoma.in/jizen http://shibuya.vulnerabledoma.in/jizen2
"Dear XSSers, here are two XSS challenges: https://t.co/xyi8qoyJBL https://t.co/jhiZMDZh1l"
-
[ Web Security ] SQL Injection Cheat Sheet : https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
"SQL injection cheat sheet, from the NetSparker Blog: https://t.co/sTid3I1Fkn"