腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/05/29

PHR34K @unpacker

[ Attack ] The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor http://researchcenter.paloaltonetworks.com/2016/05/the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor/

" OilRig 行动 - 针对沙特阿拉伯组织的定向攻击与 Helminth 后门，来自 Palo Alto Blog： https://t.co/rzTbb4SsVr "
Binni Shah @binitamshah

[ Crypto ] Breaking Naive ESSID WPA2 Key Generation Algorithms : http://conference.hitb.org/hitbsecconf2016ams/materials/D2T2%20-%20Peter%20blasty%20Geissler%20-%20Breaking%20Naive%20ESSID%20WPA2%20Key%20Generation%20Algorithms.pdf (Slides) #HITB2016AMS https://t.co/qnNkIelblq

" 攻击 ESSID WPA2 密钥生成算法，来自 HITB 阿姆斯特丹会议︰ https://t.co/74JdxfDn5y https://t.co/qnNkIelblq"
Binni Shah @binitamshah

[ Detect ] Exploit Kits : Hunting the Hunters : http://conference.hitb.org/hitbsecconf2016ams/materials/D1T1%20-%20Nick%20Biasini%20-%20Exploit%20Kits%20-%20Hunting%20the%20Hunters%20.pdf (Slides) #HITB2016AMS

" Exploit Kits : Hunting the Hunters，来自 HITB 阿姆斯特丹会议︰ https://t.co/3a2c6ci0wa "
Binni Shah @binitamshah

[ Exploit ] Kernel Exploit Sample Hunting and Mining : http://conference.hitb.org/hitbsecconf2016ams/materials/D1T2%20-%20Broderick%20Aquilino%20and%20Wayne%20Low%20-%20Kernel%20Exploit%20Hunting%20and%20Mitigation.pdf (Slides) #HITB2016AMS

"内核漏洞利用样本的检测与挖掘，来自 HITB 阿姆斯特丹会议︰ https://t.co/BOhCAlnskZ "
Binni Shah @binitamshah

[ Hardware ] Automobile Intrusion Detection : http://conference.hitb.org/hitbsecconf2016ams/materials/D2T1%20-%20Jun%20Li%20-%20CANSsee%20-%20An%20Automobile%20Intrusion%20Detection%20System.pdf (Slides) #HITB2016AMS https://t.co/xxLmNlXFvO

" CANSsee - 汽车入侵检测系统，来自 HITB 阿姆斯特丹会议︰ https://t.co/8SMbp87x9g https://t.co/xxLmNlXFvO"
Binni Shah @binitamshah

[ Hardware ] Cache side channel attacks: CPU Design as a security problem : http://conference.hitb.org/hitbsecconf2016ams/materials/D2T1%20-%20Anders%20Fogh%20-%20Cache%20Side%20Channel%20Attacks.pdf (Slides) cc: @ anders_fogh

" 缓存边信道攻击 - CPU 设计上的安全问题，来自 HITB 阿姆斯特丹会议︰ https://t.co/kP9JfY5jja "
Binni Shah @binitamshah

[ Hardware ] Create your own bad USB : http://conference.hitb.org/hitbsecconf2016ams/materials/D1T2%20-%20Seunghun%20Han%20-%20Create%20Your%20Own%20Bad%20USB%20Device.pdf (Slides) #HITB2016AMS

" 制作一个属于自己的 Bad USB，来自 HITB 阿姆斯特丹会议: https://t.co/A0uQ3KtxzJ "
Thireus ☠ @Thireus

[ iOS ] [Discussion] The iOS 9.3.2 jailbreak exploit is publicly available. https://www.reddit.com/r/jailbreak/comments/4lfi2y/discussion_the_ios_932_jailbreak_exploit_is/ Webkit exploit: https://github.com/WebKit/webkit/commit/98845d940e30529098eea7e496af02e14301c704

" iOS 9.3.2 越狱已经有公开的视频了，而且其中所用的漏洞也公开了， Reddit 上的讨论： https://t.co/TbdUgm4GUP Webkit 的漏洞补丁提交日志︰ https://t.co/TxaqPMOXpB"
Don A. Bailey @DonAndrewBailey

[ Language ] Slides from my #Erlang security talk at #lambdaconf are now available. Look for a white paper for more in depth info http://www.securitymouse.com/research

" Erlang 语言的安全模型： https://t.co/Vktn0V4Tq5 Slides： https://drive.google.com/file/d/0Bz8Lmg2kodQiRXYwWVpGNXQtdG5hNG5GaDFFNF9UNXp4UXo4/view?pref=2&pli=1 "
Binni Shah @binitamshah

[ Linux ] Exploit Mitigation Techniques in OpenBSD : https://www.openbsd.org/papers/ven05-deraadt/index.html , https://www.openbsd.org/papers/ven05-deraadt/mgp00001.html #b2b

" Exploit Mitigation Techniques in OpenBSD，图片格式的 Slides︰ https://t.co/2cgRQoUgMe、 https://t.co/34NiDT7sai "
Jóseph Mlodzìanowskì @cedoxX

[ Network ] My favorite packet tool: Tcpdump along with TcpTrace, Xplot ~ looking at network issues : PDF: https://fasterdata.es.net/assets/Uploads/20131016-TCPDumpTracePlot.pdf&ved=0ahUKEwipv4jAv_3MAhUG2SYKHVD-C74QFggrMAU&usg=AFQjCNGO2DmH2j-o4WKhK3R8V9FGHCsKdw&sig2=g-Em6gYs5Be7TsY09_7xag

" 利用 TCPDump、TCPTrace、XPlot 3 个工具调试网络问题: https://t.co/59HDkeASBc"
PHR34K @unpacker

[ Obfuscation ] Decoding Obfuscated Strings in Adwind http://blog.jpcert.or.jp/2016/05/decoding-obfuscated-strings-in-adwind.html

" 解码 Java 恶意软件 Adwind 混淆后的字符串，来自 JPCert Blog： https://t.co/IvhVh0WZQq "
Binni Shah @binitamshah

[ Others ] New Methods for Exploiting ORM Injections in Java Applications : http://conference.hitb.org/hitbsecconf2016ams/materials/D2T2%20-%20Mikhail%20Egorov%20and%20Sergey%20Soldatov%20-%20New%20Methods%20for%20Exploiting%20ORM%20Injections%20in%20Java%20Applications.pdf (Slides) #HITB2016AMS

" Java 应用 ORM 注入新的攻击方法，来自 HITB 阿姆斯特丹会议︰ https://t.co/dSmjmMtDVD "
Binni Shah @binitamshah

[ Pentest ] Reverse shell on a Node.js application : https://wiremask.eu/writeups/reverse-shell-on-a-nodejs-application/

" 渗透测试时，如何通过 Node.js 应用反弹 Shell ︰ https://t.co/uQCZH3152b"
Binni Shah @binitamshah

[ Virtualization ] Virtualization System Vulnerability Discovery Framework : http://conference.hitb.org/hitbsecconf2016ams/materials/D1T1%20-%20Tang%20Qing%20Hao%20-%20Virtualization%20System%20Vulnerability%20Discovery%20Framework.pdf (Slides) #HITB2016AMS

"虚拟化系统漏洞发现框架，来自 HITB 阿姆斯特丹会议︰ https://t.co/ixlVlUTGi3 "
Binni Shah @binitamshah

[ Vulnerability ] Escape From The Docker-KVM-QEMU Machine : http://conference.hitb.org/hitbsecconf2016ams/materials/D1T1%20-%20Shengping%20Wang%20and%20Xu%20Liu%20-%20Escape%20From%20The%20Docker-KVM-QEMU%20Machine.pdf (Slides) #HITB2016AMS

" 从 Docker/KVM-QEMU 虚拟机中逃逸，来自 HITB 阿姆斯特丹会议︰ https://t.co/mmSmXu2IiC "
Binni Shah @binitamshah

[ WirelessSecurity ] Forging Wireless Timing Signals to Attack the NTP Server : http://conference.hitb.org/hitbsecconf2016ams/materials/D2T1%20-%20Yuwei%20Zheng%20and%20Haoqi%20Shan%20-%20Forging%20a%20Wireless%20Time%20Signal%20to%20Attack%20NTP%20Servers.pdf (Slides) #HITB2016AMS

"伪造无线授时信号，攻击 NTP 服务器，来自 HITB 阿姆斯特丹会议︰ https://t.co/0Sox2QhQZy "

2016/05/29