
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Sucuri's first "Website Hacked Report" https://sucuri.net/website-security/website-hacked-report
"Sucuri's 2016 Q1 Website Hacked Report, an analysis of 11,000 hacked websites: https://t.co/FS6y4VqnO8"
-
[ Attack ] Good, at least we know banks use Foxit Reader - a PDF reader does not have a sandbox. https://blogs.mcafee.com/mcafee-labs/attacks-swift-banking-system-benefit-insider-knowledge.
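"During the information-gathering phase, the hackers who attacked the SWIFT banking system obtained important information through internal employees: https://t.co/oaMNBDbNGB Haifei Li commented that at least we now know banks use Foxit Reader, a reader that has no sandbox"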
-
[ Browser ] btw https://github.com/WebKit/webkit/commit/98845d940e30529098eea7e496af02e14301c704 is the bug i’m playing with. will upload code for the exploit at some point
"WebKit WebCore::TimerBase::heapPopMin() UAF, code patch: https://t.co/SqBipbA1uj"
-
[ Browser ] researchers at @ PrincetonCITP released a new browser fingerprinting demo using AudioContext API: https://audiofingerprint.openwpm.com/
"Browser fingerprinting demo based on the AudioContext API: https://t.co/KQig38A3ee"
-
[ Cloud ] Slides from my Cloud Security talk at #SourceBoston are now available https://speakerdeck.com/silvexis/defending-the-cloud-from-the-full-stack-hack-source-boston-2016
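"Full-stack attacks in cloud security, covering topics such as cloud platform private keys leaked on GitHub, metadata leakage, and old vulnerabilities given new life: https://t.co/zrtuGrRb1F"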
-
[ Forensics ] The Art of Defiling: Defeating Forensic Analysis on Unix File Systems - by @ thegrugq https://archive.org/details/hitb2004-grugq
"The Art of Defiling - defeating forensic analysis on Unix file systems: https://t.co/qpcCm9Q8q3"
-
[ Hardware ] New blog post: Introduction of a new hardware guy https://www.insinuator.net/2016/05/introduction-of-a-new-hardware-guy/
"VICTor, a new toy for hardware hackers: https://t.co/l8xVqLRPZy"
-
[ Mac OS X ] Apple Quicktime - MOV File Parsing Memory Corruption Vulnerability https://cxsecurity.com/issue/WLB-2016050099
"Apple Quicktime MOV file parsing memory corruption vulnerability (CVE-2016-1848), PoC: https://t.co/tmesjZVmmO"
-
[ Malware ] Petya and Mischa – #Ransomware Duet (part 1) | Malwarebytes Labs https://blog.malwarebytes.org/threat-analysis/2016/05/petya-and-mischa-ransomware-duet-p1/?utm_source=twitter&utm_medium=social via @ hasherezade
"Petya and Mischa, a ransomware duet, from the MalwareBytes Blog: https://t.co/8zpOHN3al4"
-
[ Malware ] Dogspectus Ransomware Analysis http://blog.fortinet.com/post/dogspectus-ransomware-analysis
"Dogspectus ransomware analysis, from the Fortinet Blog: https://t.co/JXoaD8MoHv"
-
[ MalwareAnalysis ] 'Applying DevOps Principles for Better Malware Analysis' slides are up: http://gosecure.github.io/presentations/2016-05-19_northsec/malboxes.html by @ obilodeau and @ hugospns /cc @ NorthSec_io
"Applying some DevOps principles to the malware analysis process: https://t.co/zUtuD5bQQh"
-
[ Network ] Remotely hijack TCP connection at GeekPwn 2016 Macau https://blog.geekpwn.org/2016/05/20/mitnick-attack-reappears-at-geekpwn-macau-contest/
"The official GeekPwn blog's write-up of the remote TCP session hijacking attack at the Macau contest: https://t.co/HBDDdejG4o"
-
[ Others ] InstaBrute: Two Ways to Brute-force Instagram Account Credentials https://www.arneswinnen.net/2016/05/instabrute-two-ways-to-brute-force-instagram-account-credentials/
"InstaBrute: two ways to brute-force Instagram account passwords: https://t.co/dQcHMmTlb6"
-
[ Others ] A non-exhaustive list of ways C compilers break for objects larger than PTRDIFF_MAX bytes http://trust-in-soft.com/objects-larger-than-ptrdiff_max-bytes/
"How C compilers (gcc/clang) handle pointer arithmetic: https://t.co/ouaL2S2LTE"
-
[ Popular Software ] Blog post: bug in OpenJDK when using disk-based Burp projects, and how to work around it http://blog.portswigger.net/2016/05/using-disk-based-projects-with-openjdk.html
"A bug in the OpenJDK Java API that is triggered when using disk-based Burp projects: https://t.co/RuQxie9V6Y"
-
[ Protocol ] The Security of HTTP-Headers http://contextis.com/resources/blog/security-http-headers/
"The Security of HTTP-Headers, from the Context Security Blog: https://t.co/FHQlM01HTD"
-
[ ReverseEngineering ] Reversing C++ (Part 1) – Function Overloading and Function Templates : http://www.cybersmash.io/reversing-c-pt-1-function-overloading-and-function-templates/
"Reversing C++ Part 1, function overloading and function templates: https://t.co/kHmYG07faW"
-
[ SecurityProduct ] TrendMicro ScanMail for Microsoft Exchange (SMEX) predictable session token - CVE-2015-3326 http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html
"Trend Micro Exchange mail scanning service (ScanMail) predictable session token vulnerability (CVE-2015-3326): https://t.co/ZakrPVfotl"
-
[ Tools ] A language that compiles to Bash and Windows Batch : https://github.com/BYVoid/Batsh
"Batsh - a language; the author wrote a tool so that scripts written in Batsh can be compiled to Bash for Linux and batch files for Windows. GitHub repo: https://t.co/XOxwOshKkv Online compiler: http://batsh.org/"
-
[ Tools ] vprof : Visual Python profiler : https://github.com/nvdv/vprof https://t.co/gq9ZJZjZWW
"vprof: a visual Python profiling tool: https://t.co/YXmKuhPG7t https://t.co/gq9ZJZjZWW"
-
[ Windows ] How to prevent users from killing your service or process - C# Works pretty well actually. https://gist.github.com/subTee/9808dd07493601cb30fc97bdbe832f71 https://t.co/ICRp7QRoNk
"How to prevent users from killing our process or service, implemented in C#: https://t.co/ZKNBRDF410 https://t.co/ICRp7QRoNk"