腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android-Security-Reference - KeyStore - https://github.com/doridori/Android-Security-Reference/blob/master/api/keystore.md
" Android 安全手册之 KeyStore: https://t.co/YnqBSPBBe7 该作者还整理了很多其他组件的笔记: https://github.com/doridori/Android-Security-Reference 其中还有一个链接整理了一些 HackingTeam 泄漏的 Exploits: https://github.com/f47h3r/hackingteam_exploits "
-
[ Attack ] SWIFT Warns of Second Bank Attack via PDF Malware: https://threatpost.com/swift-warns-of-second-bank-attack-via-pdf-malware/118078/ via @ threatpost
"SWIFT(环球金融电信协会)警告称,3 月初孟加拉国中央银行被黑客攻击后,近期又有一家银行遭到攻击,黑客绕过了这家银行的风险控制系统,进入了资金转移系统。这两次攻击手法非常相似,来自 ThreatPost 的报道: https://t.co/B4tXlsChYV"
-
[ Backdoor ] Gdog – Python Windows Backdoor With Gmail Command & Control http://www.darknet.org.uk/2016/05/gdog-python-windows-backdoor-gmail-command-control/
"Gdog — 基于 Gmail 实现 C&C 的 Windows 后门,Python 语言编写: https://t.co/fdcCkH5cCF"
-
[ Browser ] Attacking Browser Extensions : http://nicolas.golubovic.net/thesis/master.pdf (pdf)
"前两周推送过这篇《攻击浏览器扩展(Firefox/Chrome)》的 Paper︰ https://t.co/gQc55VywtN 这两天作者又公开了相关的测试工具和示例代码: https://github.com/qll/attacking-browser-extensions "
-
[ Browser ] Bug 1266397 - Popup blocker bypass using Flash https://bugzilla.mozilla.org/show_bug.cgi?id=1266397 < "I really do not have the time to look at this now."
" 用 Flash 绕过 Firefox 的弹框保护,来自 Firefox Bug 1266397: https://t.co/LLuLaJGHjE "
-
[ Browser ] Exploit for another OOB bug CVE-2016-1646 in V8. Great thanks @ oldfresher for his generous sharing. https://github.com/4B5F5F4B/Exploits/tree/master/CVE-2016-1646
" KK 为 Chrome v8 CVE-2016-1646 写的 Exploit, 在 Windows 10、 Chrome 46.0.2490.0 版本上测试通过: https://t.co/1smKuferaO "
-
[ Detect ] Detecting ImageTragick with Burp Suite Pro https://blog.silentsignal.eu/2016/05/13/detecting-imagetragick-with-burp-suite-pro/
" 用 BurpSuite Pro 检测 ImageTragick 漏洞: https://t.co/BNj3EeYxEv "
-
[ Malware ] Latest Petya Ransomware Strain Comes with a Failsafe: Mischa https://threatpost.com/latest-petya-ransomware-strain-comes-with-a-failsafe-mischa/118072/
" 最新的 Petya 勒索软件加了一个故障保护功能,如果用 Petya 没有获取到管理员权限,它就切换为 Plan B - Mischa, 来自 ThreatPost 的报道: https://t.co/SJMunSw9L0"
-
[ Malware ] Malware in a MSG: http://cerbero-blog.com/?p=1625 https://t.co/7UElizXLLa
" .msg(Outlook 邮件文件)中的恶意软件,来自 Cerbero Blog ︰ https://t.co/GQmo2dy1j2 https://t.co/7UElizXLLa"
-
[ Network ] VPN over DNS : http://www.shellntel.com/blog/2016/3/30/vpn-over-dns-1 https://t.co/1tFmBR5VNf
"基于 DNS 协议的 VPN: https://t.co/EOtrTRZiM2 https://t.co/1tFmBR5VNf"
-
[ Obfuscation ] A study on obfuscation techniques for Android malware : http://midlab.diag.uniroma1.it/articoli/matteo_pomilia_master_thesis.pdf (pdf)
" Android 恶意软件混淆技术研究 ︰ https://t.co/nY0cWhhwIs "
-
[ OpenSourceProject ] Open sourcing our NGINX HTTP/2 + SPDY code https://blog.cloudflare.com/open-sourcing-our-nginx-http-2-spdy-code/
" CloudFlare 开源了自己的 NGINX HTTP/2 + SPDY 代码: https://t.co/JHZ2qDTUBU"
-
[ Popular Software ] Flash Vulnerability CVE-2016-4117 Shares Similarities With Older Pawn Storm Exploit http://blog.trendmicro.com/trendlabs-security-intelligence/new-flash-vulnerability-cve-2016-4117-shares-similarities-with-older-pawn-storm-exploit/
"CVE-2016-4117 Flash 漏洞与之前的 Pawn Storm Exploit 有很多相似性: https://t.co/iSXJtyJbt1"
-
[ Web Security ] Webshell for IIS http://goo.gl/fb/HJ7FxP #FullDisclosure
" IIS 8 上可用的 Webshell: https://t.co/zKXZ0s9FLG "
-
[ Windows ] This is worth reviewing (2011) [PDF] The Dangers of Per-User COM Objects https://www.virusbulletin.com/uploads/pdf/conference_slides/2011/Larimer-VB2011.pdf
" Per-User COM 对象的危险,来自 Virus Bulletin 2011 会议的一篇演讲: https://t.co/nZFDt1pHir 这篇演讲的 Paper: http://codetastrophe.com/Larimer-VB2011.pdf "
-
[ Windows ] Create and install self-signed certificates in Windows Nano Server https://gist.github.com/subTee/b092cf7b46de222e82c0808270c431ad via X509 COM https://t.co/dwfBcM6tES
"在 Windows Nano Server 上通过 X509 COM 创建并安装自签名证书: https://t.co/nFQUIvb48O COM https://t.co/dwfBcM6tES"
