腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/07/31

jsoo @_jsoo_

[ Conference ] 2016阿里安全峰会 - https://drive.google.com/folderview?id=0B_thUFNIy8Tdd0JUNzZwYW1rcHM&usp=sharing

"2016 阿里安全峰会 PPT 下载： https://t.co/6doX9oFXba"
jsoo @_jsoo_

[ Conference ] 2016JSRC乌托邦沙龙 - https://drive.google.com/folderview?id=0B_thUFNIy8TdeElDaTMwdVFJTkE&usp=sharing

"2016 JSRC 乌托邦沙龙 PPT 下载： https://t.co/53I9Nj0poy"
x64dbg @x64dbg

[ Debug ] Introducing x64dbg and Pizzacrypts Ransomware Unpacking by @ ArnaudDlms http://adelmas.com/blog/x64dbg_pizzacrypts.php

" x64dbg 调试器与 Pizzacrypts 勒索软件的分析： https://t.co/NM4koRCNJ3"
x64dbg @x64dbg

[ Debug ] New blog post by @ fearless0: x64dbg plugin SDK http://x64dbg.com/blog/2016/07/30/x64dbg-plugin-sdk.html #x64dbg #blog

" x64dbg 调试器的插件 SDK 使用指南： https://t.co/jS4WXQZTIy "
Binni Shah @binitamshah

[ Exploit ] Windows 7 x86 - localhost Port Scanner Shellcode : https://www.exploit-db.com/exploits/40175/

"Windows 7 x86 本地主机端口 Shellcode︰ https://t.co/Ox9DaD3QCL"
Julien Vanegue @jvanegue

[ Exploit ] Exploiting memory corruption vulnerabilities in FreeRTOS vulnerabilities: https://speakerdeck.com/jsandin/shmoocon-2016-exploiting-memory-corruption-vulnerabilities-on-the-freertos-operating-system - Shmoocon 2016 - really good talk JSandin

" FreeRTOS 操作系统内存破坏漏洞的利用︰ https://speakerdeck.com/jsandin/shmoocon-2016-exploiting-memory-corruption-vulnerabilities-on-the-freertos-operating-system "
Yuriy Bulygin @c7zero

[ Firmware ] Introduction to reversing DXE drivers by @ BrunoPujos https://www.lse.epita.fr/data/lt/2016-02-09/slides/lt-2016-02-09-Bruno%20Pujos-RE%20DXE.pdf

" 逆向固件 DXE 驱动介绍： https://t.co/NFRotRiCQ7 "
J Wolfgang Goerlich @jwgoerlich

[ Malware ] Cisco Finds $34 Million Ransomware Industry http://rss.slashdot.org/~r/Slashdot/slashdot/~3/7thJEfMuwvs/cisco-finds-34-million-ransomware-industry

"思科的 2016 年年中网络安全报告显示，勒索软件行业每年的利润约 3400 万美元： https://t.co/MJ8uvUXyWp 报告下载： https://www.cisco.com/c/dam/assets/offers/pdfs/midyear-security-report-2016.pdf"
Nicolas Krassas @Dinosn

[ OpenSourceProject ] WebKit: Memory Corruption in TypedArray.copyWithin https://bugs.chromium.org/p/project-zero/issues/detail?id=862

" WebKit TypedArray.copyWithin 内存破坏漏洞，来自 Project Zero Issue 862： https://t.co/8fZ7rEjJnX "
Nicolas Krassas @Dinosn

[ OpenSourceProject ] WebKit: Memory Corruption in TypedArray.fill https://bugs.chromium.org/p/project-zero/issues/detail?id=863

" WebKit TypedArray.fill 内存破坏漏洞，来自 Project Zero Issue 863： https://t.co/EOrkoDhkMv "
Nicolas Krassas @Dinosn

[ Web Security ] [webapps] - PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution https://www.exploit-db.com/exploits/40185/

" PhpMyAdmin 4.6.2 已认证用户远程代码执行漏洞（CVE-2016-5734）： https://t.co/aXVKFQUGaN"

2016/07/31