腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] An increase of sophisticated phishing attacks in Sweden - Securelist http://ow.ly/j6Xh3020FLr
"针对瑞典的钓鱼攻击最近突然开始频繁: https://t.co/sC0rNWiGcI"
-
[ Attack ] APT Group ‘Patchwork’ Cuts-and-Pastes a Potent Attack https://threatpost.com/apt-group-patchwork-cuts-and-pastes-a-potent-attack/119081/
" Patchwork - 与东南亚和南.海有关的 APT 攻击行动,有趣的是,攻击者所用的代码几乎全是从网上复制粘贴来的: https://t.co/Jjtdj2EbAn"
-
[ Attack ] Just published "The First Cyber Espionage Attack: How Operation Moonlight Maze made history" https://medium.com/@ chris_doman/the-first-sophistiated-cyber-attacks-how-operation-moonlight-maze-made-history-2adb12cc43f7 https://t.co/SY5QZk17z1
" 第一次复杂的网络间谍攻击事件 - 月光迷宫: https://t.co/D1gnd7epCQ https://t.co/SY5QZk17z1"
-
[ Crypto ] Minimum Requirements for Evaluating Side-Channel Attack Resistance. Quite useful summary. https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_46_BSI_guidelines_SCA_RSA_V1_0_e_pdf.pdf
" 评估 RSA、DSA、Diffie-Hellman 密钥交换实现在边信道攻击方面的健壮性: https://t.co/28l7NZuTwN"
-
[ Crypto ] Google is testing new crypto protocols in Chrome to prepare for future quantum computing attacks https://www.wired.com/2016/07/google-tests-new-crypto-chrome-fend-off-quantum-attacks/
" Google 正在 Chrome 中测试新的加密协议,为对抗将来的量子计算攻击做准备: https://t.co/UeFMDhu1Bz"
-
[ Fuzzing ] Ever wanted to fuzz Windows binaries with AFL? Now you can. https://github.com/ivanfratric/winafl
" WinAFL- 用 AFL Fuzz Windows 二进制文件: https://t.co/pC7iQuPeHn"
-
[ Hardware ] Whisper in the wire, remote and silent voice command injection: https://www.researchgate.net/publication/304789264_20160630_Whisper_in_the_Wire-Voice_Command_Injection_Reloaded https://t.co/Y65oBxJFR7
-
[ Hardware ] Your Smart Watch Can Steal Your ATM PIN : http://spectrum.ieee.org/tech-talk/consumer-electronics/gadgets/your-smart-watch-can-spy-on-your-pin
"你的智能手表可以窃取你的银行卡密码︰ https://t.co/3cba8wzYAW"
-
[ IoTDevice ] D-Link Wi-Fi Camera Flaw Extends to 120 Products: https://threatpost.com/d-link-wi-fi-camera-flaw-extends-to-120-products/119097/ via @ threatpost
"D-Link Wi-Fi 摄像头存在漏洞,该摄像头在该公司多达 120 款产品中使用,来自 ThreatPost 的报道: https://t.co/LzzYFTlafP Shodan 对互联网 D-Link 设备的搜索调查报告: https://dlink-report.shodan.io/ "
-
[ macOS ] 再看CVE-2016-1757---浅析mach message的使用 - http://turingh.github.io/2016/07/05/%E5%86%8D%E7%9C%8BCVE-2016-1757%E6%B5%85%E6%9E%90mach%20message%E7%9A%84%E4%BD%BF%E7%94%A8/
" 再看 CVE-2016-1757,浅析 mach message 的使用: https://t.co/ziLE6Sf5HE"
-
[ Network ] The Difficulty of Routing around Internet Surveillance States https://www.schneier.com/blog/archives/2016/07/the_difficulty_.html
" 尽量避免路由经过互联网被监视的国家,Paper: https://t.co/1l6qyqZJa2 "
-
[ Network ] DNS Tunneling : Tunnel your way to free internet https://medium.com/@ ankcodes/tunnel-your-way-to-free-internet-1a2e9120ddc
"基于 DNS 隧道的网络传输: https://t.co/icLxmSpLBN"
-
[ Others ] New paper: Reliably exploiting races in SGX enclaves is easy due to scheduler control and side channels! https://www.ibr.cs.tu-bs.de/users/weichbr/papers/esorics2016.pdf
"Intel SGX 保护环境的一个同步漏洞,通过 UAF 和条件竞争的方法可以实现利用,Paper: https://t.co/PpnwyE2FEs"
-
[ Popular Software ] Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE… http://goo.gl/fb/kDHXL0 #FullDisclosure
"宏碁门户 Android APP SSL 证书中间人劫持漏洞(CVE-2016-5648): https://t.co/mfMdLhGKrB "
-
[ Sandbox ] Rise of VBS Scripts evading Sandboxes http://joe4security.blogspot.it/2016/07/rise-of-vbs-evading-sandboxes.html
" 最近 Joe4Security 发现了一波新的尝试绕过沙盒检测的 VBS 样本: https://t.co/AefU30IDKd"
-
[ SecurityProduct ] ERNW NL 42 (Dec 2013) on " Attacking Check Point´s FDE with Activated WIL" https://www.ernw.de/download/newsletter/ERNW_Newsletter_42_Checkpoint_FDE_with_WIL_en.pdf [PDF], by @ _fel1x https://t.co/9JqO7qyAsA
" Attacking Check Point´s FDE(全盘加密),来自 ERNW 2013 年的一篇 Paper: https://t.co/jI53SgOkWd https://t.co/9JqO7qyAsA"
-
[ Tools ] Here's a cool Library: https://github.com/nektra/deviare2 And you can use it with Registration Free COM Activation... #DFIR https://t.co/iiMOu3Mm22
" deviare2 - Windows Hook 引擎,支持对 Win32 API 和 COM 对象的 Hook: https://github.com/nektra/deviare2 "
-
[ Tools ] Five Whitelisting Bypass Techniques, One Dll. Customize your payloads. Or not, use calc.exe ;-) https://github.com/subTee/AllTheThings Feedback Welcome.
" AllTheThings - Casey Smith 公开的一个应用白名单绕过工具,该工具集成了 5 种已知白名单绕过方法: https://t.co/WOyA9mps01 "
-
[ Tools ] We're discontinuing 32-bit installers for commercial editions of #Metasploit https://community.rapid7.com/community/metasploit/blog/2016/07/06/announcement-end-of-life-metasploit-32-bit-versions Framework installers are unaffected.
" Metasploit 将不再更新 32 位的商业版本: https://t.co/H8V7ZtK1LQ "
-
[ Tools ] https://github.com/google/codesearch seems to work pretty well to index and search code :-)
" Code Search - Google 开源的一个代码搜索工具,可以快速创建索引,支持正则表达式搜索: https://t.co/MAREMMb9j7 "
-
[ Tools ] Automatic Server-Side Template Injection Detection and Exploitation Tool by @ norbemi - https://github.com/epinna/tplmap
" tplmap - 自动化的模板注入攻击检测工具,支持 Mako、Jinja2、Jade 等 8 款模板引擎: https://t.co/dRDze0YvSe"
-
[ Web Security ] Zero-day flaw lets hackers tamper with your car through BMW portal http://goo.gl/fb/9mdTPk #FullDisclosure
" 宝马门户网站的漏洞可以让黑客篡改车辆信息,来自 ZDNet 的报道: http://www.zdnet.com/article/hackers-can-tamper-with-car-registration-through-bmw-connected-car-portal/ "
-
[ Windows ] Using SxS redirection to gain SYSTEM privileges http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643&p=28833#p28833 #uacme https://t.co/LQTRMHnmNS
"利用 SxS 重定向获取 SYSTEM 权限: https://t.co/oRvvvPY3Q6 https://t.co/LQTRMHnmNS"
-
[ Windows ] awesome-windows-exploitation : A curated list of awesome Windows Exploitation resources : https://github.com/enddo/awesome-windows-exploitation
" Awesome Windows Exploitation - Windows 漏洞利用相关的资料整理︰ https://t.co/cbEYI1lphF"
-
[ Windows ] Windows XP/7/8/10 Etw Logger http://www.ttoyota.com/kerneldbg_kiso/helloworld_system.php via @ t_toyota
" Windows XP/7/8/10 Etw Logger(日文): https://t.co/UU7uCoyiXV "
