腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/10/25

Nikolaos Chrysaidos @virqdroid

[ Android ] Android Escape compilation technology - http://blogs.360.cn/360mobile/2016/10/24/android_escape/ (Chinese)

" Android逃逸技术汇编： https://t.co/rppWIJjEAv "
Threatpost @threatpost

[ Android ] #Rowhammer vulnerability comes to #Android - http://bit.ly/2enXxOV

" 利用 Rowhammer 漏洞在 Android 系统上实现 Root 提权，来自 Threatpost 的报道： https://t.co/ZoFFYKdkhU ; 技术细节： https://www.vusec.net/projects/drammer/ ; https://vvdveen.com/publications/drammer.pdf ; https://github.com/vusec/drammer "
Nicolas Krassas @Dinosn

[ Android ] DRAMMER - Deterministic Rowhammer privilege escalation on Android https://www.vusec.net/projects/drammer/

"Drammer: flip feng shui gose mobileflip： https://t.co/f8FYlzbzsW "
Tarjei Mandt @kernelpool

[ iOS ] iOS 10.1 security fixes: https://support.apple.com/en-us/HT207271

"iOS 发布 10.1 版本，本次更新的补丁公告︰ https://t.co/Z8JfZa98oI macOS Sierra 10.12.1 版本的补丁公告： https://support.apple.com/kb/HT207275 Safari 10.0.1： https://support.apple.com/kb/HT207272 "
Threatpost @threatpost

[ IoTDevice ] Chinese manufacturer recalls #IOT gear following @ Dyn #DDoSAttack - http://bit.ly/2eLPeKU #Xiongmai

"中国制造商雄迈决定召回其在美国地区销售的摄像头，原因是这些摄像头被漏洞利用并参与针对 Dyn 的 DDoS 攻击： https://t.co/qSVyVFRicu "
Giuseppe `N3mes1s` @gN3mes1s

[ Linux ] Capturing Packets in Linux at a Speed of Millions of Packets per Second without Using Third Party Libraries - http://kukuruku.co/hub/nix/capturing-packets-in-linux-at-a-speed-of-millions-of-packets-per-second-without-using-third-party-libraries

"不借助第三方库来实现每秒捕获百万个 Linux 数据包： https://t.co/pQfSlG6XLA"
Full Disclosure @SecLists

[ macOS ] Apple macOS 10.12.1/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS https://goo.gl/fb/ogrhHH #FullDisclosure

"Apple macOS 10.12.1/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS： http://seclists.org/fulldisclosure/2016/Oct/86?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29"
Arnaud Malard @sud0man

[ macOS ] How to detect malicious activities on your Mac OS X system with system logs and grep, sort, awk: http://sud0man.blogspot.fr/2016/10/new-version-of-checkout4mac-02.html #macosx #forensics

"一款检测 Mac OS X 系统上安全隐患的工具︰ https://t.co/ljl89Po5Zd #macosx #forensics"
Quequero @quequero

[ Malware ] New Keylogging Method: Event Tracing for Windows (ETW): https://www.cyberpointllc.com/srt/posts/srt-logging-keystrokes-with-event-tracing-for-windows-etw.html https://t.co/CaRksq7BVp

"利用Windows 事件追踪(ETW)来进行键盘记录: https://t.co/r9zng5cOiX https://t.co/CaRksq7BVp"
John Lambert @JohnLaTwC

[ Obfuscation ] Neat post by @ Lee_Holmes on using #PowerShell to find obfuscated Powershell with math :) http://www.leeholmes.com/blog/2016/10/22/more-detecting-obfuscated-powershell/ https://t.co/ruLNL5lg8x

"利用 PowerShell 的 tokenizer 检测被混淆的 PowerShell : https://t.co/p3oV5KfSwb https://t.co/ruLNL5lg8x "
CyberPunk Inc @Hackers_toolbox

[ Tools ] Intel Engine Firmware Analysis Tool: MEAnalyzer https://n0where.net/intel-engine-firmware-analysis-tool-meanalyzer/ #InfoSec #CyberSecurity

"一款英特尔引擎固件分析工具 -- MEAnalyzer： https://t.co/G8TXrNQF6x "
Michael Henriksen @michenriksen

[ Tools ] Introducing Birdwatcher: A data analysis and #OSINT framework for Twitter. http://michenriksen.com/blog/birdwatcher-twitter-osint-framework/

"Birdwatcher -- 一款用于对 Twitter 进行数据分析的工具： https://t.co/UkhbjE2scL"
Alexandre Borges @ale_sp_brazil

[ Tools ] Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection - https://lnkd.in/eCqgx5s

"使用 WinDBG 调试器辅助检测 JavaScript 恶意代码以及浏览器 Exploit： https://t.co/sRpen4RaD2"
Yung Chou @yungchou

[ Windows ] Credential Guard Made Easy for Windows 10 Enterprise Version 1607 https://yungchou.wordpress.com/2016/10/10/credential-guard-made-easy-in-windows-10-version-1607 https://t.co/QQdmtPu9l8 https://t.co/YskxQSMzYc

"在 Windows 10 Enterprise Version 1607 版上配置 Credential Guard ： https://t.co/O86K5mZFSj https://t.co/QQdmtPu9l8 https://t.co/YskxQSMzYc"

Xuanwu Spider via GitHub

[ Conference ] QCon 上海 2016 会议的幻灯片： https://github.com/QConChina/QConShanghai2016
Xuanwu Spider via 皮相

[ Challenges ] 打破结界之战：“机器特工挑战赛”和“极棒跨次元 CTF”：http://mp.weixin.qq.com/s?__biz=MzI0NDA5MDYyNA==&mid=2648256705&idx=1&sn=8a195bc99b02cc7883ee9b90585af21b&scene=1&srcid=0821g5KNq44VvdoZF5guFu7f
Xuanwu Spider via MottoIN

[ Malware ] MS08-067蠕虫样本“分析”： http://www.mottoin.com/90842.html
Xuanwu Spider via MottoIN

[ Pentest ] lonely-shell：使用Go实现的反向Shell： http://www.mottoin.com/90883.html
Xuanwu Spider via MottoIN

[ Language ] unicode同形字引起的安全问题： http://www.mottoin.com/90890.html
Xuanwu Spider via riusksk 的微博

[ Conference ] Hack.lu 2016 会议的 PPT： http://archive.hack.lu/2016/
Xuanwu Spider via 阿里聚安全

[ Android ] 阿里聚安全扫描器之本地拒绝服务检测详解： http://weibo.com/ttarticle/p/show?id=2309404034118919805689
Xuanwu Spider via 吾爱破解论坛

[ Tools ] Jeb v2.2.7.201608151620 破解版： http://www.52pojie.cn/thread-547547-1-1.html
Xuanwu Spider via 乌云 Drops

[ Language ] Redis Lua远程代码执行EXP： http://drops.wiki/index.php/2016/10/24/redis-lua/
Xuanwu Spider via GeekPwn

[ Challenges ] 2016 GeekPwn嘉年华，看极客们如何反转智慧金字塔： http://mp.weixin.qq.com/s?__biz=MzA3Nzc2MjIxOA==&mid=2650316958&idx=1&sn=769e90322212c3de77aee02669f64884&chksm=87411b5bb036924da47f04689fe2ecdaf6052447707391211bd0bd733efdc871fb332931affd&mpshare=1&scene=1&srcid=1025UXHmvxrfm2u1xtr1qTp7#rd

2016/10/25