
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Massive hacking campaign on Joomla sites via recently patched flaws http://securityaffairs.co/wordpress/52904/cyber-crime/joomla.html
"Sucuri found hackers carrying out large-scale attacks using two recently published Joomla vulnerabilities, CVE-2016-8870 and CVE-2016-8869: https://t.co/cdmbKxb6J0"
-
[ Browser ] A peek into the WebAssembly Browser Preview http://blogs.windows.com/msedgedev/2016/10/31/webassembly-browser-preview/ https://t.co/CUnPzFkSx1
"WebAssembly Browser Preview: https://blogs.windows.com/msedgedev/2016/10/31/webassembly-browser-preview/#kvKPLOBh0uS2Xgxy.97"
-
[ Conference ] Ruxcon 2016 slides: https://ruxcon.org.au/slides
"Slides from the Ruxcon 2016 conference talks are now available for download: https://t.co/TQcccWQMc0"
-
[ Linux ] vlany : Linux LD_PRELOAD rootkit (x86 and x86_64 architectures) : https://github.com/mempodippy/vlany
"Linux LD_PRELOAD rootkit (x86 and x86_64 architectures): https://t.co/Yssk4oP4ae"
-
[ Malware ] New post: Masque Attack Abuses iOS’s Code Signing to Spoof Apps and Bypass Privacy Protection http://bit.ly/2f8pJCd @ TrendMicro
"The Masque Attack threat against iOS still exists; the Masque Attack vulnerability appeared in 2014 and was later patched: https://t.co/WoCKLZsbqB"
-
[ Malware ] Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide https://blog.avast.com/android-trojan-gm-bot-is-evolving-and-targeting-more-than-50-banks-worldwide
"The Android Trojan GM Bot continues to spread, targeting more than 50 banks worldwide: https://t.co/207I9EiLP2"
-
[ Malware ] New post: CVE-2016-3298: Microsoft Puts the Lid on Another IE Zero-day Used in AdGholas Campaign http://bit.ly/2f9OEpi @ TrendMicro
"Microsoft patched an IE 0day (CVE-2016-3298) used by the AdGholas group: https://t.co/d1GX2oB3vf"
-
[ MalwareAnalysis ] Malware Analysis - Malware Hunting and Classification with YARA : https://www.youtube.com/watch?v=PDnFJe9qrLA (Video)
"Analyzing malicious programs with YARA, a malware identification and classification tool [video]: https://t.co/aPM4NlDjdl"
-
[ Others ] #ShadowBrokers dumps lists of #EquationGroup hacked servers - http://bit.ly/2escYm1
"ShadowBrokers dumped a list of servers hacked by the Equation Group: https://t.co/0MnPAgraeW"
-
[ Popular Software ] Microsoft extends malicious macro protection to Office 2013 http://oak.ctx.ly/r/5791w @ threatpost
"Microsoft adds a new feature to counter macro-based malware attacks targeting Office 2013: https://t.co/pvIeLv7o9d"
-
[ Vulnerability ] Vulnerability Spotlight: Remotely Exploitable Bugs in Memcached Identified and Patched http://blog.talosintel.com/2016/10/memcached-vulnerabilities.html
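"Memcached, the open-source distributed in-memory object caching system, has integer overflow vulnerabilities that can lead to remote code execution: https://t.co/P8FLfJQ8gw"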
-
[ Windows ] New Blog Post - Verification of Windows New Security Features – LSA Protection Mode and Credential Guard ^KI https://t.co/vp44MzkSow
"An evaluation of two Windows features, LSA Protection Mode and Credential Guard: https://t.co/vp44MzkSow"
-
[ Windows ] #DailyBug #MicrosoftEdge NULL pointer Layout։։Patchable〈...〉։։Readable https://github.com/SkyLined/Bugs/commit/321b10680be19e761e8afd5a9aab9e8c92cac49b #EdgeBug
"MicrosoftEdge NULL pointer Layout։։Patchable〈...〉։։Readable: https://t.co/mNwmUiAJ96"
-
[ Windows ] Microsoft Kernel Integer Overflow Vulnerability http://blog.fortinet.com/2016/10/31/microsoft-kernel-integer-overflow-vulnerability
"An integer overflow vulnerability in the Windows kernel registry component (CVE-2016-0070), from Fortinet: https://t.co/GJTIciFfLY"
-
[ Windows ] Google Threat Analysis Group drop info about unpatched, actively exploited Win32k local privilege escalation 0day https://t.co/bVWrEo4CZC
"Google disclosed a Windows kernel Win32k local privilege escalation 0day vulnerability: https://t.co/bVWrEo4CZC"
-
[ Android ] An interrupt timing analysis side-channel attack method for Android systems: https://loccs.sjtu.edu.cn//gossip/blog/2016/10/31/2016-10-31/