腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Installing drozer on MacOSX El Capital - https://blog.ropnop.com/installing-drozer-on-os-x-el-capitan/ (There is a bug with pyOpenSSL)
"在 Mac OS X 系统安装 Drozer 工具: https://t.co/IUZlPWzenD "
-
[ Attack ] Technical details on Operation Daybreak: Flash zero-day exploit deployed by the ScarCruft APT Group https://securelist.com/blog/research/75100/operation-daybreak/
" ScarCruft APT 组织利用 Flash 0Day 发起 'DayBreak' 攻击的技术细节,来自 Kaspersky Blog: https://t.co/0ZmMfIdQ08 "
-
[ Detect ] Smart detection of passive TOR sniffing https://goo.gl/ZWtS5o
" Tor 网络被动方式嗅探的智能检测: https://t.co/4lqBFVL7y1"
-
[ Detect ] w0w, a nice plugin for Bro IDS using Unicorn emulator to detect shellcode! https://github.com/Mipu94/BroIDS_Unicorn
" Bro IDS 用于检测 Shellcode 的插件,基于 Unicorn 模拟器: https://t.co/npUgGqXAeb"
-
[ Detect ] Remote detection of a user's AV via Flash http://agrrrdog.blogspot.com/2016/06/remote-detection-of-users-av-via-flash.html
" 利用 Flash 远程探测反病毒软件的存在: https://t.co/bGcyKlMzy9 "
-
[ Exploit ] X86 Shellcode Obfuscation (Part 3) : https://breakdev.org/x86-shellcode-obfuscation-part-3/ , Part 2 : https://breakdev.org/x86-shellcode-obfuscation-part-2/ , Part 1 : https://breakdev.org/x86-shellcode-obfuscation-part-1/
"x86 Shellcode 混淆技术 Part 3 执行流欺骗: https://t.co/vZo0Hh2jYD"
-
[ IoTDevice ] Security of Home Automation Systems https://www.ernw.de/download/ERNW_Newsletter_49_SecurityOfHomeAutomationSystems_signed.pdf [PDF] https://t.co/qET6tmwhnE
" 智能家居系统的安全性分析,来自 ERNW 的 Paper: https://t.co/ZKoMMlMSYC https://t.co/qET6tmwhnE"
-
[ Mitigation ] So adobe added memory protector to flash player to mitigate uaf bugs, analysis from 360 vulcan team: http://blogs.360.cn/360safe/2016/06/17/a-quick-look-at-the-flash-memory-protector/
" 360 研究员 guhe 对 Flash 的 Memory Protector UAF 利用缓解技术的分析 ︰ https://t.co/btdDcyx4Bi"
-
[ Network ] Microsoft has a blog post on why hidden SSIDs harm security. They cause connecting clients to *always* broadcast it. https://blogs.technet.microsoft.com/networking/2008/02/08/non-broadcast-wireless-ssids-why-hidden-wireless-networks-are-a-bad-idea/
" 为什么隐藏无线 SSID 对安全来说不是个好主意,来自微软 Blog: https://t.co/n6uMfmiMaL"
-
[ OpenSourceProject ] drop the bugz #2 - [CVE-2016-????] expat xml parser heap overflow vulnerability - #android #chromium #etcetc - https://marcograss.github.io/security/android/chromium/2016/06/17/expat-xml-heap-overflow.html
" xml 解析库 expat 堆溢出漏洞(影响 Android 和 Chrome): https://t.co/drGTGdCJtP"
-
[ OpenSourceProject ] At some point last year I started fuzzing libarchive. Found a huge number of issues, most are fixed in ver 3.2.0 https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html
" libarchive 库多个内存破坏漏洞: https://t.co/7w9F6KWNfr"
-
[ Tools ] NCC Group Tool: UMAP2 - the 2nd ver of our Python USB host security assessment tool https://github.com/nccgroup/umap2 by NCC Group and Cisco SAS team
" UMAP2 - NCC Group 开源的一个 USB Host 安全评估工具,GitHub Repo: https://t.co/X6PJyUERnt "
-
[ Windows ] As promised, MS16-032 MSF module: https://github.com/khr0x40sh/metasploit-modules/blob/master/local/ms16_032_secondary_logon_handle_privesc.rb
" Windows 二次登录句柄(Secondary Logon Handle)提权漏洞 Metasploit 攻击模块(MS16-032)︰ https://t.co/boHQcbXgic"
-
[ Windows ] A PoC script to enumerate WMI providers, their DLLs, and the classes they host: https://gist.github.com/mattifestation/5d1565348d71b54ad02c44a5b94839f8 Good for defenders and vuln research
" 枚举 Windows WMI Provider 的脚本︰ https://t.co/uUDUxx9lPS "
