Tencent Xuanwu Lab Security Daily News
-
[ Android ] Linux Kernel Arbitrary Mem Write ID'ed by @coreteam: CVE-2016-3857. All ARM machines w/ OABI support are vulnerable! https://source.android.com/security/bulletin/2016-08-01.html
"Android has officially released its August vulnerability bulletin: https://t.co/SruS0vOCei"
-
[ Attack ] Kaspersky DDoS Intelligence Report for Q2 2016 https://securelist.com/analysis/quarterly-malware-reports/75513/kaspersky-ddos-intelligence-report-for-q2-2016/
"Kaspersky DDoS intelligence report for Q2 2016: https://t.co/8H0CruM79V"
-
[ Browser ] Finally, it is published: this was my whiteboard while reverse engineering IE's JS engine https://www.syssec.rub.de/research/publications/detile-fine-grained-information-leak-detection/ https://t.co/exSzf7hqEm
"Detile - fine-grained information leak detection in script engines: https://www.syssec.rub.de/media/emma/veroeffentlichungen/2016/07/29/detile_info_leak_detection_dimva16.pdf"
-
[ Detect ] Making your Shellcode Undetectable using .NET https://osandamalith.com/2016/08/01/making-your-shellcode-undetectable-using-net/ via @OsandaMalith
"Using .NET tools to make shellcode evade antivirus detection: https://t.co/l6KgtHRsv9"
-
[ Fuzzing ] Dynamic Symbolic Execution with Interpolation Based Path Merging https://www.sec.in.tum.de/assets/Uploads/ibing16interpolmerge.pdf
"Addressing the path explosion problem in symbolic execution with an interpolation-based path merging algorithm. Paper: https://t.co/UhfxRJckmo"
-
[ iOS ] How to steal $2,999.99 in less than 2 minutes with Venmo and Siri http://www.martinvigo.com/steal-2999-99-minute-venmo-siri/
"Abusing the mobile payment app Venmo and Siri to steal $2,999.99 in under two minutes: https://t.co/CrvGl5ekd4"
-
[ Linux ] Linux >= 4.5 double fetch leading to heap overflow https://cxsecurity.com/issue/WLB-2016080002
"PoC for a heap overflow caused by a double fetch in Linux >= 4.5: https://t.co/9VrdfdQ08i"
-
[ Mitigation ] New Technique Checks Mitigation Bypasses Earlier: https://threatpost.com/new-technique-checks-mitigation-bypasses-earlier/119568/ via @threatpost
"At this week's Black Hat conference, researchers from the Endgame team will present a new ROP defense method called hardware-assisted CFI: https://t.co/HSr7oFD8xI For ROP detection, three approaches are relatively well known: http://securitygossip.com/blog/2016/08/01/2016-08-01/"
-
[ OpenSourceProject ] OpenSSH 7.3 released http://www.openssh.com/txt/release-7.3 minor security fixes, a few small features & bugfixes. Final release with SSH1 server support!
"OpenSSH 7.3 released; this update fixes multiple vulnerabilities: https://t.co/yK4g5UE4oE"
-
[ OpenSourceProject ] A flaw related to how Intel’s Crosswalk handles SSL certificates exposes mobile apps to MitM attacks http://www.securityweek.com/ssl-flaw-intel-crosswalk-exposes-apps-mitm-attacks
"Intel's open-source component Crosswalk has a flaw in how it handles SSL certificates, leaving multiple mobile apps open to man-in-the-middle hijacking: https://t.co/mum1cs9rRI"
-
[ Others ] Our Vuln Research team (here at @cylanceinc) disclosed some issues in the Crestron AM-100: https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2016-05-001.md https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2016-05-002.md
"The Cylance team found two vulnerabilities in the Crestron AM-100 conference presentation system: https://t.co/jHc0i4btU0 https://t.co/6mDBxzckQC"
-
[ Windows ] Driver Signing changes in Windows 10, version 1607 - https://blogs.msdn.microsoft.com/windows_hardware_certification/2016/07/26/driver-signing-changes-in-windows-10-version-1607/
"Starting with Windows 10 version 1607, hardware drivers that are not signed by the Windows Developer Center will not be loaded: https://t.co/abBEfv1Rgu"
-
[ Windows ] Our paper "How to Break Microsoft Rights Management Services" will be presented at #woot16. Results in short: https://web-in-security.blogspot.de/2016/07/how-to-break-microsoft-rights.html
"How to attack Windows Rights Management Services (RMS): https://t.co/jqN7UaMLtH"
-
[ Windows ] Slick technique to make Win10 call LoadLibrary on DLL pointed to by Registry when accepting RDP sessions. #DFIR https://twitter.com/Hexacorn/status/758778031964028929
"When accepting a Remote Desktop (RDP) session, Windows 10 reads a registry key and tries to load the DLL specified by that key's PATH value: http://www.hexacorn.com/blog/2016/07/28/beyond-good-ol-run-key-part-43/ The registry key is: HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns\TestDVCPlugin"