
Tencent Xuanwu Lab Security Daily News
-
[ Android ] TCP over sound on Android : https://github.com/quiet/org.quietmodem.Quiet
"Transmitting TCP packets through the speaker on Android: https://t.co/YrYl3P0W8e"
-
[ Android ] DirtyCow CVE-2016-5195: Android PoC: https://github.com/timwr/CVE-2016-5195
"Android PoC for the DirtyCow vulnerability (CVE-2016-5195): https://t.co/iGmrrAeoOe"
-
[ Attack ] SAP Cyber Threat Intelligence Report – October 2016 https://www.infosecisland.com/blogview/24837-SAP-Cyber-Threat-Intelligence-Report--October-2016.html
"Cyber threat intelligence report from SAP (2016.10): https://t.co/DPeY4DnXc2"
-
[ Defend ] Secure Application Programming in the Presence of Side Channel Attacks - https://www.riscure.com/benzine/documents/Paper_Side_Channel_Patterns.pdf
"Various models of side-channel attacks and how to defend against them during software development: https://t.co/mJYmtGrFLK"
-
[ Hardware ] HydraBus/HydraFW Wiki https://github.com/bvernoux/hydrafw/wiki, by @bvernoux https://t.co/YPfyVZXkmy
"HydraFW, the official firmware for the HydraBus/HydraNFC hardware: https://t.co/4u7cVAXYYg"
-
[ Linux ] The Missing Link: Explaining ELF Static Linking, Semantically - https://www.cl.cam.ac.uk/~pes20/rems/papers/oopsla-elf-linking-2016.pdf
"A semantic explanation of the ELF static linking process: https://t.co/87TzHu1hVi"
-
[ Linux ] Linux kernel Concepts : https://github.com/0xAX/linux-insides/tree/master/Concepts cc @0xAX
"Explanations of the Per-CPU variables, CPU masks and initcall concepts in the Linux kernel: https://t.co/QdG40PWlTb"
-
[ Malware ] Analysis of Rig Exploit kit: from visiting a compromised site to getting infected with ransomware https://www.uperesia.com/analyzing-rig-exploit-kit
"Rig Exploit kit analysis - from visiting the host page to being infected with ransomware: https://t.co/eYyUU6qicc"
-
[ Malware ] Beware of Hicurdismos: It’s a fake Microsoft Security Essentials installer that can lead to a support call scam https://blogs.technet.microsoft.com/mmpc/2016/10/21/beware-of-hicurdismos-its-a-fake-microsoft-security-essentials-installer-that-can-lead-to-a-support-call-scam/
"Beware of Hicurdismos, a fake installer that leads users to receive tech support scam calls: https://t.co/wcXhlIfjkd"
-
[ Network ] Just filed: #Mirai-fueled #IoT botnet behind #DDoS attacks on DNS providers - http://bit.ly/2eCWhW9 https://t.co/iVjOIxQ9Uo
"The Mirai IoT botnet behind the DDoS attack on DNS provider Dyn, as reported by ThreatPost: https://t.co/Wm6CLUQKF1 The attack left several well-known US websites unreachable, as reported by FreeBuf: http://www.freebuf.com/news/117403.html A dedicated Twitter account has appeared for this wave of DDoS attacks: https://twitter.com/miraiattacks"
-
[ OpenSourceProject ] iPhone 6 VoLTE with Unified Core Network https://www.youtube.com/watch?v=ReMZCIt_nK8&feature=share http://docs.yate.ro/wiki/Download #SDR https://t.co/GYwZYLlGQT
"iPhone 6 VoLTE implemented with the open-source telephony engine Yate: https://www.youtube.com/watch?v=ReMZCIt_nK8& ; Yate official site: https://t.co/zB26vNIBPE"
-
[ Others ] Another DirtyCow PoC which relies on ptrace and targets vDSO: https://github.com/scumjr/dirtycow-vdso
"A DirtyCow PoC that achieves privilege escalation using ptrace and vDSO: https://t.co/dYMXReenmM"
-
[ Others ] So it appears that Google implemented a new iOS C hooking framework to replace Facebook's fishhook: https://github.com/google/EarlGrey/blob/4e37c7509e949d2d7602008e1ef1003614631ef8/EarlGrey/Common/GREYInterposer.m
"EarlGrey, Google's open-source iOS UI automation testing framework: https://github.com/google/EarlGrey It implements a new iOS C hooking framework: https://t.co/t4pCBj3Lch"
-
[ Others ] Neighbours! The latest PoC||GTFO 0x13 is up on the EU #IPv6-enabled mirror https://www.alchemistowl.org/pocorgtfo/
"Issue 0x13 of the PoC||GTFO journal has been released: https://t.co/qD2iVPJ0x6"
-
[ Others ] My new article is up, “Exploiting AMI Aptio firmware on example of Intel NUC”: http://blog.cr4.sh/2016/10/exploiting-ami-aptio-firmware.html Code: https://github.com/Cr4sh/Aptiocalypsis
"Attacking an Intel NUC based on AMI Aptio firmware: https://t.co/KxGKqdRBDG Exploit code: https://t.co/QLha6NQt8i"
-
[ Others ] Quick summary on vulnerable Intel and AMI UEFI drivers from my recent article: 1) https://raw.githubusercontent.com/Cr4sh/Aptiocalypsis/master/reports/Intel_NUC_AMI_vuln.txt 2) https://raw.githubusercontent.com/Cr4sh/Aptiocalypsis/master/reports/Intel_NUC_ITK_vuln.txt
"Intel AMI SMM code execution vulnerability: https://t.co/juJ8mkUSw5 Intel UEFI ITK driver code execution vulnerability: https://t.co/qHEbGVbYyu"
-
[ Pentest ] Post-exploitation framework (and an interactive shell) developed in Bash shell scripting https://github.com/SafeBreach-Labs/pwndsh
"PWND.SH - a post-exploitation attack framework written in Bash shell script: https://t.co/w73mX6QNob The author's talk about this tool at the SkyDogCon 2016 conference: http://www.ikotler.org/JustGotPWND.pdf"
-
[ Tools ] Are your IoT devices publicly accessible on the Internet? Check with this simple tool: http://iotscanner.bullguard.com/
"IoT Scanner - check whether your own IoT devices can be reached from the public Internet: https://t.co/p04QJn2gpi"
-
[ Web Security ] How I bypassed Paypal Two Factor Auth in less than 5 minutes: https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass
"How I bypassed Paypal's two-factor authentication within 5 minutes: https://t.co/eoqulgwj33"
-
[ Windows ] Securing Windows Workstations : Developing a Secure Baseline : https://adsecurity.org/?p=3299 cc @PyroTek3
"Windows workstation security hardening guide: https://t.co/6XcPyYl5O1"