Tencent Xuanwu Lab Security News Feed
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android Security: Welcome To Shell (Permissions) http://doridori.github.io/Android-Security-welcome-to-shell/ #androiddev
" Welcome To Shell: does a shell launched by an Android app have the same permissions as a shell launched via ADB? https://t.co/XEHSFOlS3p "
-
[ Android ] Bypassing SSL Pinning in Android Applications https://serializethoughts.com/2016/08/18/bypassing-ssl-pinning-in-android-applications/
" How to bypass SSL pinning checks in Android apps, using Facebook Messenger as the example: https://t.co/Cj4tXv4ddi"
-
[ Browser ] ZDI-16-486: Apple Safari Array.splice Out-Of-Bounds Access Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-486/
"ZDI-16-486: Apple Safari Array.splice out-of-bounds access RCE (CVE-2016-4622): https://t.co/DEnPk4KM8G"
-
[ Bug Bounty ] List of Wordpress vulnerabilities found during Summer of Pwnage https://sumofpwn.nl/advisories.html https://www.securify.nl/blog/SFY20160801/summer_of_pwnage__one_month_of_wordpress_pwning.html
" List of WordPress vulnerabilities found during the month-long 'Summer of Pwnage' event: https://t.co/8cIBrSS44y https://t.co/peDWy5EEwm "
-
[ Crypto ] Many PGP keys with colliding KeyID have been uploaded to keyservers. Check your GPG fingerprints! Details here: https://evil32.com
" With a GPU, it takes only 4 seconds to generate a colliding 32-bit KeyID: https://t.co/47Esa4TyD8"
-
[ Crypto ] Manually Testing SSL/TLS Weaknesses 2016 Edition http://contextis.com/resources/blog/manually-testing-ssltls-weaknesses-2016-edition/
"Manually testing for common SSL/TLS vulnerabilities, from the Context blog: https://t.co/8oHl2pNqXy"
-
[ Detect ] Using WMI to monitor malicious activity https://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html #DFIR #windows #WMI #ThreatHunting (source: https://github.com/realparisi/WMI_Monitor)
" WMI-based monitoring of malicious activity, from FireEye: https://t.co/cjrmPHDSK7 FireEye has also released a monitoring script: https://t.co/uG4Sdy4hot "
-
[ iOS ] Concise but precise summary of "Security and Privacy Changes in iOS 10" by @ nabla_c0d3 https://nabla-c0d3.github.io/blog/2016/08/16/ios10-changes/
" Privacy and security changes in iOS 10: https://t.co/0ZeCKWyrvO"
-
[ Linux ] [CVE-2016-6828] Linux kernel tcp related read Use After Free - https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html
" A TCP-related UAF vulnerability in the Linux kernel found by Marcograss (CVE-2016-6828): https://t.co/plc6kOzifl"
-
[ macOS ] Google’s Santa macOS malware sniffer goes open source http://www.zdnet.com/article/googles-santa-os-x-malware-sniffer-goes-open-source/#ftag=RSSbaffb68
" Santa, a blacklist/whitelist-based malware detection tool for macOS, has been open-sourced by Google: https://t.co/u7LI9OZVit"
-
[ Mitigation ] Our slides at HitCon2016 talking about flash exploit mitigation techniques: https://speakerdeck.com/yukichen/exploit-adobe-flash-under-the-latest-mitigation
" 'Exploit Adobe Flash Under the Latest Mitigation', from 古河's talk at the HitCon conference, covering the evolution of Flash exploit mitigations and the corresponding attack methods: https://t.co/YVeoMRmSYZ These are also the slides from the talk 古河 gave at the ISC conference the day before yesterday"
-
[ NetworkDevice ] Cookie Parser Buffer Overflow Vulnerability in FortiGate firmware (FOS) released before Aug 2012 http://fortiguard.com/advisory/cookie-parser-buffer-overflow-vulnerability
" Fortinet has fixed the FortiGate firmware 0day leaked in the Equation Group archive: https://t.co/EruOuiBJWu"
-
[ NetworkDevice ] EGREGIOUSBLUNDER Fortigate Remote Code Execution https://packetstormsecurity.com/files/138387/EGREGIOUSBUNDER.tgz
" EGREGIOUSBLUNDER Fortigate firewall RCE exploit, from the Equation Group archive leaked by the Shadow Brokers: https://packetstormsecurity.com/files/138387/EGREGIOUSBUNDER.tgz "
-
[ NetworkDevice ] ELIGIBLEBOMBSHELL TOPSEC Remote Code Execution https://packetstormsecurity.com/files/138389/ELIGIBLEBOMBSHELL.tgz
" ELIGIBLEBOMBSHELL TOPSEC firewall RCE exploit, from the Equation Group archive leaked by the Shadow Brokers: https://packetstormsecurity.com/files/138389/ELIGIBLEBOMBSHELL.tgz "
-
[ NetworkDevice ] ELIGIBLECANDIDATE TOPSEC Remote Code Execution https://packetstormsecurity.com/files/138390/ELIGIBLECANDIDATE.tgz
" ELIGIBLECANDIDATE TOPSEC firewall RCE exploit, from the Equation Group archive leaked by the Shadow Brokers: https://packetstormsecurity.com/files/138390/ELIGIBLECANDIDATE.tgz "
-
[ NetworkDevice ] ESCALATEPLOWMAN WatchGuard Privilege Escalation https://packetstormsecurity.com/files/138393/ESCALATEPLOWMAN.tgz
"ESCALATEPLOWMAN WatchGuard firewall privilege escalation exploit, from the Equation Group archive leaked by the Shadow Brokers: https://t.co/Ada0Tekpky"
-
[ OpenSourceProject ] .#GPG Patches 18-Year-Old #Libgcrypt RNG Bug: https://threatpost.com/gpg-patches-18-year-old-libgcrypt-rng-bug/119984/ via @ threatpost
" GPG has fixed an 18-year-old bug in the Libgcrypt random number generator, as reported by ThreatPost: https://t.co/KL8eFfXEoa"
-
[ Operating System ] Google is building a mysterious new non-Linux-based open source OS called "Fuchsia" http://www.androidauthority.com/we-compiled-fuchsia-os-710491/
" Google is building a new operating system, Fuchsia, which is not based on Linux: https://t.co/wHMQ239ifZ"
-
[ Others ] A new quick post on a Neutrino EK / Rig EK Flash file https://pcsxcetrasupport3.wordpress.com/2016/08/16/a-look-at-a-cross-bred-neutrino-ek-rig-ek-flash-file/
" Analysis of a hybrid Neutrino EK/Rig EK Flash sample: https://t.co/BnrY4JqetY"
-
[ SecurityProduct ] ZDI-16-484: AVG Internet Security avgtdix.sys Kernel Memory Corruption Privilege Escalation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-484/
"ZDI-16-484: AVG avgtdix.sys 0x534a600c ioctl memory corruption vulnerability: https://t.co/DnttTWhQb2"
-
[ Windows ] Slides for my presentation "Object Oriented Exploitation: New techniques in Windows mitigation bypass" are up at http://www.slideshare.net/_s_n_t/object-oriented-exploitation-new-techniques-in-windows-mitigation-bypass
" Object-oriented exploitation: new techniques for bypassing Windows exploit mitigations: https://t.co/6oBKoCaiou"
-
[ Windows ] (Ab)Using environment variables to bypass UAC and elevate privileges http://breakingmalware.com/vulnerabilities/elastic-boundaries-elevating-privileges-by-environment-variables-expansion/ https://t.co/XvvWulhS5R
"Abusing environment variables to bypass UAC and elevate privileges: https://t.co/DSiVG0MDZE "
-
[ Windows ] Open sourced #PowerShell now on GitHub to download for Windows, Linux and Mac OS X: https://github.com/PowerShell/PowerShell
" Microsoft has open-sourced PowerShell, which can now be built on Windows, Linux and Mac OS X: https://blogs.msdn.microsoft.com/powershell/2016/08/18/powershell-on-linux-and-open-source-2/ GitHub Repo: https://t.co/Z1VS3qmKv0 Tutorial for installing PowerShell on OS X: http://www.invoke-ir.com/2016/08/installing-powershell-on-osx.html "