
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Mobile Security News Update May 2016 - https://www.mulliner.org/blog/blosxom.cgi/2016/05/06#mobile_security_news_update_may2016 (via @collinrm)
"Last month's mobile security news (May 2016 edition), from the Mulliner Blog: https://t.co/unbHlxFBps"
-
[ Android ] A quick how-to on ioctl whitelisting for Android M http://jeffvanderstoep.blogspot.com/2016/02/collecting-ioctl-command-denials-for.html
"Collecting the ioctls denied by the Android M SELinux whitelist: https://t.co/gcvJ7kQzq7"
-
[ Attack ] Just blogged: Here's how I verify data breaches http://ift.tt/1WeDZg1
"How to verify large-scale data breaches: https://t.co/2FO6P8fK9S"
-
[ Browser ] Devtools presence detector using a timing attack: http://awal.js.org/devtools-timing-attack/ Nice demo from @awalGarg
"A browser developer tools (F12) detector based on a timing attack. The site can detect whether you currently have the developer tools open: https://t.co/dXyLrc53Xv GitHub Repo: https://github.com/awalGarg/devtools-timing-attack"
-
[ Browser ] Browser Support for CSP 1.0 and CSP 2.0: http://caniuse.com/#search=CSP
"A site for looking up browser feature support, covering HTML5, CSS, SVG and more: https://t.co/abvyTXdKIT"
-
[ Browser ] A Taste of JavaScript’s New Parallel Primitives https://hacks.mozilla.org/2016/05/a-taste-of-javascripts-new-parallel-primitives/
"Mozilla is extending its JavaScript engine to support parallel execution: https://t.co/fZ7jZI1jtD"
-
[ Defend ] How control of the PE Format, C Compiler and OS Kernel allowed Microsoft to randomize PTE_BASE in Windows 10 Update: http://www.alex-ionescu.com/?p=323
"How controlling the PE format, the C compiler and the OS kernel made it possible to randomize PTE_BASE: https://t.co/efQqSulmI1"
-
[ Hardware ] New blog post (Technical): "Row hammer the short summary" http://dreamsofastone.blogspot.de/2016/05/row-hammer-short-summary.html
"A summary of the Row Hammer problem: https://t.co/QB8VKOQ6rF"
-
[ IoTDevice ] Exploiting uboot to unlock the Amazon kindle http://spudowiar.me/android/bootloader/2016/03/03/kfsowi-bootloader-cracked/ via @spudowiar
"Attacking uboot to unlock the Amazon Kindle: https://t.co/Ex6oHkXole"
-
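[ Malware ] #Unit42 finds #Bucbi #ransomware is back with a Ukrainian makeover http://bit.ly/1TMQRGd
"The Bucbi ransomware family has recently been updated: it no longer relies on exploit kits and phishing emails to spread, and instead directly brute-forces Remote Desktop accounts on Internet-facing Windows Servers. From the Palo Alto blog: https://t.co/vXoexYte63"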
-
[ Malware ] Robin Hood CyptMix ransomware promises to donate fee to charity http://securityaffairs.co/wordpress/47049/malware/cyptmix-ransomware.html
"The organizers behind the Robin Hood CyptMix ransomware say they will donate to charity: https://t.co/4roDqAWJQl"
-
[ MalwareAnalysis ] IRMA 1.4.0 is out: default transport mode is now sftp and better handling of large files. Check http://irma.quarkslab.com/install.html cc @qb_irma
"Quarkslab's malware analysis framework IRMA has been updated to version 1.4.0: https://t.co/KhI3WomdtU Writing your own analysis module to extend IRMA's analysis capabilities: http://blog.quarkslab.com/writing-our-own-analyzer-for-the-open-source-multi-scanner-irma.html"
-
[ OpenSourceProject ] There are some Samsung source codes at http://opensource.samsung.com/popup/gitRepository.do ! Why am I just now finding out? Too bad it's not the primary method!
"Samsung's open-source code repository, containing source code for many phone and TV models: https://t.co/QwTFiuTGCc"
-
[ Operating System ] The Illumos Syscall handler - http://zinascii.com/2016/the-illumos-syscall-handler.html
"Illumos Syscall Handler: https://t.co/schX4x2IHu Illumos is the open-source community version of the OpenSolaris operating system."
-
[ Others ] Quite a cool blog about the history of encryption, SIGINT, and espionage. http://rijmenants.blogspot.nl/
"A blog on the history of encryption, intelligence and espionage: https://t.co/Ule1ZPZLsM"
-
[ Others ] Ohhh new Visual Studio code optimizer: https://blogs.msdn.microsoft.com/vcblog/2016/05/04/new-code-optimizer/
"Visual Studio will use a new code optimizer: https://t.co/4OhcWMZTzG"
-
[ Pentest ] Persistence Aggressor Script [for Cobalt Strike] http://www.zonksec.com/blog/persistence-aggressor-script/ // good example of how to use Aggressor Script to extend CS
"Writing a persistence script for the Cobalt Strike penetration-testing framework, so that control is retained after the user reboots the system: https://t.co/lWuWQ2y9x9"
-
[ Tools ] Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with coloured syntax code. https://github.com/joelpx/plasma
"plasma - an interactive disassembler that generates syntax-highlighted pseudo-assembly code and supports the x86/ARM/MIPS architectures: https://t.co/2EHiyTM5fF"