
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Releasing JADE, android app static vulnerability analysis tool based on Soot and Scala https://github.com/flankerhqd/JADE
"JAADAS, an Android application defect assessment framework, by Flanker of Keen Lab: https://t.co/r2Qd3xKzx4"
-
[ Attack ] So according to Symantec if I add this piece of pseudo-code North Korea did it ? #Lazarus http://pastebin.com/dBP1ii5m/?e=1 https://t.co/5OjTzDEV5v
"A piece of pseudo-code from the Banswift trojan: https://t.co/JQb3RlmzJI https://t.co/5OjTzDEV5v"
-
[ Attack ] APT Group Sends Spear Phishing Emails to Indian Government Officials http://www.fireeye.com/blog/threat-research/2016/06/apt_group_sends_spea.html
"APT attackers send phishing emails to Indian government officials, from the FireEye Blog: https://t.co/Nzi2mYXney"
-
[ Challenges ] Congrats to #KeyResolve for winning USD $50K at #WCTF http://ctf.360.com/en/index.html /cc @zoaedk @rickyz @lokihardt @brian_pak @qihu_official
"The WCTF competition held in Beijing last week has ended; team KeyResolve took first place and won a USD 50,000 prize: https://t.co/TZ9OEgQWKY"
-
[ Defend ] Inference of Peak Density of Indirect Branches to Detect ROP Attacks http://homepages.dcc.ufmg.br/~fernando/publications/papers/CGO16_mateus.pdf
"Identifying ROP attacks by measuring the density of indirect branch instructions, paper: https://t.co/l63b4RaLpA"
-
[ Malware ] Published a short write-up on the domain generation algorithm of the now defunct sisron malware https://johannesbader.ch/2016/06/the-dga-of-sisron/ #dga
"Analysis of the Sisron botnet DGA: https://t.co/NOOSbN5S7T"
-
[ Malware ] Android Banker malware goes social | Zscaler Blog http://ow.ly/x82H300RP5v
"An Android banking trojan attack targeting Sberbank, Russia's largest bank, from the Zscaler Blog: https://t.co/vadYjSAZpO"
-
[ Malware ] Cooking Up Autumn (Herbst) Ransomware http://blog.fortinet.com/2016/06/03/cooking-up-autumn-herbst-ransomware
"Fortinet Blog's analysis of the Autumn (Herbst) ransomware: https://t.co/e45Id6Jaaz"
-
[ Malware ] Understanding Angler Exploit Kit – Part 1: Exploit Kit Fundamentals http://researchcenter.paloaltonetworks.com/2016/06/unit42-understanding-angler-exploit-kit-part-1-exploit-kit-fundamentals/
"Palo Alto's analysis of the Angler Exploit Kit, Part 1: https://t.co/l4hbVLOF5j"
-
[ Obfuscation ] Partial Deobfuscation of an Angler EK SWF http://neonprimetime.blogspot.com/2016/06/partial-deobfuscation-of-angler-ek-swf.html
"Partial deobfuscation of an obfuscated Angler EK Flash sample: https://t.co/1e7Q1aEzwe"
-
[ OpenSourceProject ] NTP Patches Flaws That Enable DDoS https://threatpost.com/ntp-patches-flaws-that-enable-ddos/118470/
"NTP released an update last week fixing several vulnerabilities that can be used for DDoS attacks, as reported by ThreatPost: https://t.co/ynYnZKv1wZ"
-
[ Others ] [White Paper] Explore how #cybersecurity can benefit buyer & seller through the M&A process http://bddy.me/1P5V0B8 https://t.co/D0eJBRDRYs
"Cyber-security issues in corporate mergers and acquisitions, a report from FireEye: https://t.co/RqUIzVfuh6 https://t.co/D0eJBRDRYs"
-
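[ Others ] Researchers Uncover Affiliate Network for Ransomware https://threatpost.com/researchers-uncover-affiliate-network-for-ransomware/118452/
"FlashPoint's investigation of a ransomware affiliate organization. Ransomware is becoming increasingly commercialized: similar criminal groups used to vet their members strictly, but now, to expand the business, they have started advertising to recruit people: https://t.co/9COHbiRIM7"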
-
[ Pentest ] All of the PowerShell: https://labs.portcullis.co.uk/blog/powerops-powershell-for-offensive-operations/
"PowerOPS, a PowerShell penetration-testing tool; once compiled it runs directly and no longer depends on powershell.exe: https://t.co/yhKVLFpjGc"
-
[ Tools ] Frida 7.2 is out – now with brand new support for creating scripts from bytecode: http://www.frida.re/news/2016/06/02/frida-7-2-released/
"The Frida dynamic instrumentation framework releases version 7.2: https://t.co/TGY82HNIYr"
-
[ Windows ] PoC to leverage Windows Error Reporting in corporate environments #DFIR #SSTIC https://github.com/aurel26/wer-server
"A PHP server implementation of the Windows WER (Error Reporting) protocol: https://t.co/i9CHkslfej"