
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android 7.1 feature spotlight: Tapping the security patch date loads the security bulletin...… https://t.co/8XXQ8PfdF7
"Starting with version 7.1, Android will add an indicator of the patch version to the 'About' screen: https://t.co/8XXQ8PfdF7"
-
[ Browser ] Mozilla Turning TLS 1.3 On By Default With Firefox 52: https://threatpost.com/mozilla-turning-tls-1-3-on-by-default-with-firefox-52/121461/ via @ threatpost
"Starting with version 52, the Mozilla Firefox browser will use the TLS 1.3 protocol by default: https://t.co/a55Nzuu1a4"
-
[ Challenges ] USD700,000 for Android Chrome RCE+SBX(persistent). Register now at https://www.coseinc.com/en/index.php?rt=pwn0rama
"The Pwn0rama contest will be held in Shanghai at the end of November; the price offered for an Android Chrome RCE + sandbox escape is USD 700,000. Registration: https://t.co/WnOrtrp1jR"
-
[ Linux ] Local Heap Exploit on an Old RedHat8 Machine into a Local Shell https://woumn.wordpress.com/2016/10/21/local-heap-exploit-on-an-old-redhat8-machine-into-a-local-shell/
"Obtaining a shell on a RedHat8 machine through a local heap exploit: https://t.co/wOnqssxwug"
-
[ Malware ] TheMoon - A P2P botnet targeting Home Routers http://blog.fortinet.com/2016/10/20/themoon-a-p2p-botnet-targeting-home-routers
"TheMoon - a P2P botnet targeting home routers: https://t.co/KzTjjQay2y"
-
[ MalwareAnalysis ] How Modern Banking Trojans Obstruct Malware Analysis https://info.phishlabs.com/blog/how-modern-banking-trojans-obstruct-malware-analysis
"How banking Trojans (Zeus, Citadel, Rovnix, Vawtrak, Dridex, Tinba, GozNym) evade malware analysis: https://info.phishlabs.com/blog/how-modern-banking-trojans-obstruct-malware-analysis"
-
[ MalwareAnalysis ] Unfolding the Mystery of Cerber Ransomware’s Random File Extension https://blogs.mcafee.com/mcafee-labs/unfolding-the-mystery-of-cerber-ransomwares-random-file-extension/
-
[ Popular Software ] Foxit Reader for Linux and Mac: Local PrivEsc Writeup or How not to do Linux File Permissions https://c0d.ist/cve-2016-8856-foxit-reader-local-privilege-escalation-writeup/
"Analysis and exploitation of a local privilege escalation vulnerability in Foxit Reader for Linux and Mac (CVE-2016-8856): https://t.co/OIGhFQizbk"
-
[ SCADA ] New blog post! @ WilliamKJardine on his research into IDS for ICS which he's presenting new week @ CPS-SPC in Vienna https://labs.mwrinfosecurity.com/blog/hybrid-approach-to-ics-intrusion-detection/
"Intrusion detection for industrial control systems, from MWR Labs: https://t.co/1sPXsYk9gF"
-
[ Tools ] Just finished a new tool: PatchClean PowerShell Script - prioritizes 30day or newer files parsed from PatchExtract https://t.co/1bjImu0UCZ
"PatchClean, which depends on PatchExtract, extracts binaries that are likely to have been updated recently: https://t.co/1bjImu0UCZ"
-
[ Tools ] Command and Shell Code Injection Scenarios with Commix and Shellter http://resources.infosecinstitute.com/command-and-shell-code-injection-scenarios-with-commix-and-shellter/ #infosec via @ InfosecEdu
"Command injection and shellcode injection based on the Commix and Shellter tools: https://t.co/SjMzvjbXZp"
-
[ Tools ] Write C++ code in the browser and see the compiled x86 assembly code in real time! (by @mattgodbolt) #awesome https://t.co/izBdqOeYUF
"An online tool for typing code in the browser and viewing the assembly output in real time, supporting multiple versions of the gcc compiler: https://t.co/izBdqOeYUF"
-
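[ Windows ] PoC for an arbitrary directory creation bug in LXSS using only a batch file ;-) https://bugs.chromium.org/p/project-zero/issues/detail?id=891
"The Windows Subsystem for Linux has an arbitrary directory creation vulnerability that can be triggered with just a batch file. Privilege escalation can be achieved through this vulnerability; from Project Zero: https://t.co/gNucPl7tTX"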
-
[ WirelessSecurity ] [remote] - Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit) https://www.exploit-db.com/exploits/40609/?rss
"Hak5 WiFi Pineapple - Preconfiguration Command Injection: https://t.co/7dkuTDs4Rt"