腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/07/10

Hacker News @newsycombinator

[ Android ] Android N will ignore user added CA certs by default https://android-developers.blogspot.com/2016/07/changes-to-trusted-certificate.html

"Android 在处理可信 CA 方面的一些变化： https://t.co/r6uQ9LyucS"
Jeff Vander Stoep @jeffvanderstoep

[ Android ] Stop logging to the sd card! Addressing some common logging shenanigans: http://jeffvanderstoep.blogspot.com/2016/07/dont-log-to-sd-card.html

" 别再往 SD 卡上写日志︰ https://t.co/JJ29Iod9II"
Nicolas Krassas @Dinosn

[ Attack ] Hacker breached an Amazon server containing 80,000 login credentials http://securityaffairs.co/wordpress/49192/data-breach/hacker-breached-amazon-server.html

" 黑客 0x2Taylor 声称黑了一台亚马逊的服务器，这台服务器存有 80,000 条登录密钥信息： https://t.co/i4yhNHtyVU "
Nicolas Krassas @Dinosn

[ Attack ] Dropping Elephant APT Targets Old Windows Flaws https://threatpost.com/dropping-elephant-apt-targets-old-windows-flaws/119123/

" Dropping Elephant - 亚洲地区的 APT 间谍攻击行动，来自 ThreatPost 的报道： https://t.co/XV9SLvj3VA 来自 Kaspersky 的技术分析： https://securelist.com/blog/research/75328/the-dropping-elephant-actor/ "
Binni Shah @binitamshah

[ Backdoor ] Backdooring an AWS account: https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9#.4bxt0lgg2

" 如何在 AWS（亚马逊云）帐户中植入后门︰ https://t.co/Se2bIe6UsU"
.mario @0x6D6172696F

[ Browser ] Looks like Microsoft changed the Edge XSS Filter rules quite dramatically in 14327.rs1_release.160620-2342 / Edge 38 http://pastebin.com/hecQRGVY

" Edge 浏览器 14327.rs1_release.160620 版本修改了 XSS Filter 的检测规则： https://t.co/3jIq1l7bG8"
Binni Shah @binitamshah

[ Browser ] browsersploit : Advanced browser exploit pack for doing internal and external pentesting : https://github.com/julienbedard/browsersploit

" BrowserExploit - 浏览器高级渗透测试框架︰ https://t.co/dTsdIIQ19s"
Alaeddine Mesbahi @3asm_

[ Debug ] "Reverse debugging for Python" http://morepypy.blogspot.com/2016/07/reverse-debugging-for-python.html #python if you haven't heard about timeless / reverse debugging, check this out !!!

" RevPDB - 针对 Python 的反向调试器（类似于 RR 调试器）： https://t.co/bxGX3ShF2v "
Intel Software Feed @intelswfeed

[ Defend ] Intel® Software Guard Extensions Tutorial Series: Part 1, Intel® SGX Foundation http://ift.tt/29EgmKy #tech #IamIntel #intel

"Intel SGX 防护技术指南，Part 1： https://t.co/qRVWMjVvcT "
Binni Shah @binitamshah

[ Firmware ] firminator_backend : First open source vulnerability scanner for firmwares : https://github.com/misterch0c/firminator_backend

"Firminator - 第一个开源的固件漏洞扫描工具，该工具通过静态和动态两种方法检测，动态是基于 Firmadyne 实现的︰ https://t.co/m6FYb8RIEM"
PythonArsenal @PythonArsenal

[ Fuzzing ] Nosy Newt - concolic execution tool for exploring the input space of a binary executable program. Based on Triton. https://github.com/CIFASIS/nosy-newt

" Nosy Newt - 可以用于探测二进制程序输入区间的符号执行工具： https://t.co/7NRBSw1TLt"
#include 〈cstdblood〉 @whitequark

[ Hardware ] so I reverse-engineered Silego's GreenPAK devboard & (with @ azonenberg) wrote a FOSS tool to program ICs, gp4prog https://github.com/azonenberg/openfpga/tree/master/src/gp4prog

" Open FPGA 开源项目： https://github.com/azonenberg/openfpga "
Hakin9 @Hakin9

[ Linux ] Linux hardening with sysctl @ linuxaudit http://bit.ly/29UD6EN #linux #hacking #infosec #hackers #pentest #cyber #tech #digital

" 用 sysctl 工具加固 Linux： https://t.co/J0KLCrvua6 "
Nicolas Krassas @Dinosn

[ Malware ] Kelihos botnet delivering Dutch WildFire Ransomware http://garwarner.blogspot.com/2016/07/kelihos-botnet-delivering-dutch.html

"Kelihos Botnet 传播 WildFire 勒索软件： https://t.co/JX1b61PS8A"
Alex Matrosov @matrosov

[ Mitigation ] Interesting Friday's read "PaX: reference count overflow mitigation can be bypassed by racing" https://bugs.chromium.org/p/project-zero/issues/detail?id=856

" PaX 引用计数溢出缓解措施绕过漏洞，来自 Project Zero Issue 856： https://t.co/99BkZ2U7oj"
Don A. Bailey @DonAndrewBailey

[ Others ] In @ InfoSecMouse's first edition of the revived #ThisOldVulnerability I revisit the Plan9 devenv kernel vuln of 2006 http://blog.securitymouse.com/2016/07/this-old-vulnerability-1-plan-9-devenv.html

" Plan9 操作系统内核 devenv.c 一个古老的整数溢出漏洞： https://t.co/jWAPFSik0g"
Binni Shah @binitamshah

[ Pentest ] PytheM : Python penetration testing framework : https://github.com/m4n3dw0lf/PytheM

"PytheM - 一个 Python 写的渗透测试框架︰ https://t.co/SoR2rGECdj"
Binni Shah @binitamshah

[ Popular Software ] Skype protocol dumps : http://skype-open-source2.blogspot.in/2016/06/skype-protocol-dumps.html

" Skype Protocol Dumps︰ https://t.co/bleFTvBwI5"
Nicolas Krassas @Dinosn

[ Popular Software ] Ruby On Rails ActionPack Inline ERB Code Execution https://packetstormsecurity.com/files/137834/rails_actionpack_inline_exec.rb.txt

"Ruby on Rails ActionPack 在处理 ERB Code 时存在代码执行漏洞（CVE-2016-2098）： https://t.co/z40JCozZH2"

2016/07/10