Tencent Xuanwu Lab Security Daily News
- [ Android ] Details + PoC of Android stagefright CVE-2016-0836 (stack overflow in libmpeg2) by @anestisb now available here: https://census-labs.com/news/2016/07/25/android-stagefright-impeg2d_vld_decode-stack-buffer-overflows/
  "Android Stagefright impeg2d_vld_decode stack buffer overflow vulnerability (CVE-2016-0836): https://t.co/vqnreB4c29"
- [ Browser ] HitCon 2016 "Windows 10 x64 edge 0day and exploit": https://github.com/exp-sky/HitCon-2016-Windows-10-x64-edge-0day-and-exploit/blob/master/Windows%2010%20x64%20edge%200day%20and%20exploit.pdf
  "Talk by Xuanwu Lab's exp-sky at HitCon 2016, 'Windows 10 x64 edge 0day and exploit': https://t.co/v9JIyrPc9O"
- [ Browser ] Updated virtual machines are now available with the latest EdgeHTML 14 preview build (14.14393): https://developer.microsoft.com/microsoft-edge/tools/vms/ Happy testing!
  "Virtual machine downloads for each version of Edge/IE, including Edge on Windows 10 Preview: https://t.co/RcDO2GeXRA"
- [ Browser ] New blogpost! "Bypassing paths in CSP with open redirects + mitigation" https://chloe.re/2016/07/25/bypassing-paths-with-open-redirects-in-csp/
  "Bypassing path restrictions in CSP via redirects: https://t.co/dmid7FZsH6"
- [ Exploit ] New blog post! Disclosing stack data (stack frames, GS cookies etc.) from the default heap on Windows. http://j00ru.vexillium.org/?p=2835
  "Leaking stack data (stack frames, GS cookies) from the Windows default heap: https://t.co/z1flAD5fq1"
- [ Linux ] Linux Kernel 4.7 Officially Released http://bit.ly/29TMVWN
  "Linux kernel 4.7 officially released: https://t.co/qhxXvrfTeM"
- [ macOS ] Could OS X malware abuse Finder Syncs to gain persistence? Read 'Persisting via a Finder Sync' to find out! https://objective-see.com/blog/blog_0x11.html #newblog
  "OS X malware abusing the Finder Sync feature for persistent control: https://t.co/xyWx6jyciS"
- [ Malware ] CYREN looks at how the Locky ransomware is now fully embedded in JavaScript attachments http://blog.cyren.com/articles/2016-Q3_locky-ransomware-now-embedded-in-javascript.html https://t.co/RCoJK4AZwr
  "How the Locky ransomware is embedded in JavaScript attachments: https://t.co/YY4EIY8OMq"
- [ Network ] Impacket is a collection of Python classes for working with network protocols https://github.com/CoreSecurity/impacket #goodolestuff
  "Impacket - a third-party Python library dedicated to working with network protocols: https://t.co/02oxsy6miX"
- [ OpenSourceProject ] CVE-2016-5399: php: out-of-bounds write in bzread() http://goo.gl/fb/b4pXWa #FullDisclosure
  "CVE-2016-5399: PHP bzread() out-of-bounds write vulnerability, from a FullDisclosure advisory: https://t.co/1zXuEYPdlK"
- [ OpenSourceProject ] Breaking PHP’s Garbage Collection and Unserialize: https://www.evonide.com/breaking-phps-garbage-collection-and-unserialize/
  "Breaking PHP’s Garbage Collection and Unserialize: https://t.co/th0SDDoZCV"
- [ Others ] World of Warcraft: Remote Code Execution via Social Engineering https://blog.gdatasoftware.com/2016/07/28809-world-of-warcraft-one-simple-line-of-code-can-cost-you-dearly
  "World of Warcraft - remote code execution achieved through social engineering: https://t.co/W0EfgwdYVt"
- [ Others ] Binary SMS - The old backdoor to your new thing http://contextis.com/resources/blog/binary-sms-old-backdoor-your-new-thing/
  "In mobile phone security, short messages (SMS PDU) remain a very weak link: https://t.co/noj9cG1GtF"
- [ Sandbox ] AngularJS sandbox bypasses for each and every version (1.2.0 to 1.5.7): http://pastebin.com/xMXwsm0N (credits @garethheyes @cure53berlin @tehjh)
  "AngularJS sandbox bypass PoCs for each version (1.2.0~1.5.7): https://t.co/LA7ByZYtid"
- [ Web Security ] Reflected XSS in LinkedIn http://goo.gl/fb/neVBFK #FullDisclosure
  "Reflected XSS vulnerability on the LinkedIn website, from a FullDisclosure advisory: https://t.co/V910i0qgx0"
- [ Web Security ] Oracle Knowledge Management Forum Attachment Upload Remote Code Execution Vulnerability http://srcincite.io/advisories/src-2016-25/
  "Oracle Knowledge Management forum attachment upload remote code execution vulnerability, advisory: https://t.co/XeQtoevK20"
- [ Windows ] Bypassing UAC on Windows 10 using Disk Cleanup https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/
  "Bypassing UAC using Windows 10 Disk Cleanup: https://t.co/QEjGDVFNGF"
- [ Windows ] Misconfigured Service ACL Elevation of Privilege Vulnerability in Win10 IoT Core Build 14393 http://www.exploit-monday.com/2016/07/Win10IoTCore-Build14393-EoP.html
  "Elevation of privilege vulnerability caused by a misconfigured service ACL in Windows 10 IoT Core Build 14393: https://t.co/2yM0nhADD9"