腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] New post: Security Update Patches 13 Android Vulnerabilities Discovered by Trend Micro http://bit.ly/2ehZewA @ TrendMicro
"Trend Micro 回顾了由自家发现的值得关注的13个 Android 漏洞: https://t.co/4IiI5760z9"
-
[ Attack ] Google Adwords Malvertising Campaign Targets Apple Macs http://www.darkreading.com/attacks-breaches/google-adwords-malvertising-campaign-targets-apple-macs-/d/d-id/1327357
"本篇文章谈到上周如果 Apple Mac 的用户使用了 Google 搜索引擎,那么可能受到来自恶意广告的感染: https://t.co/RwNacTw5Ju"
-
[ Browser ] Chromium Win32k system call lockdown https://docs.google.com/document/d/1gJDlk-9xkh6_8M_awrczWCaUuyr0Zd2TKjNBCiPO_G4/edit#
" Google 爆出最近有 win32k 的 0Day 正在野外被攻击者利用,Google 同时表示, Chromium 浏览器不受影响,原因是它有 Win32k System Call Lockdown 保护特性: https://t.co/eJyyfDU66m"
-
[ Fuzzing ] Mozilla LibFuzzer NSS corpus https://github.com/mozilla/nss-fuzzing-corpus
"Mozilla LibFuzzer NSS 语料库: https://t.co/4Vl7ZdxIC1"
-
[ Fuzzing ] Google is launching a hosted free fuzzing service for OSS projects; tracking it for @ openmirage here https://github.com/mirage/mirage/issues/642
"Google 为 OSS 项目发起了一个免费的 fuzz 服务: https://t.co/k0E44BOMKB https://github.com/google/oss-fuzz "
-
[ Fuzzing ] System call fuzzing of OpenBSD amd64 using TriforceAFL (i.e. AFL and QEMU) https://github.com/nccgroup/TriforceOpenBSDFuzzer
"使用 Triforce AFL 来 fuzz OpenBSD amd64 的系统调用: https://t.co/9tbudjUA7h"
-
[ Linux ] Nginx remote , CVE-2016-1247 https://security-tracker.debian.org/tracker/CVE-2016-1247
"Debian 的漏洞跟踪网站对 Nginx CVE-2016-1247 远程漏洞修复情况的跟踪: https://t.co/N6crkQnpkt"
-
[ macOS ] [dos] - Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free https://www.exploit-db.com/exploits/40652/
"Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free: https://t.co/vF9YtxQJ44"
-
[ Malware ] Phony Android Flash Player Installs Banking Malware: https://threatpost.com/phony-android-flash-player-installs-banking-malware/121696/ via @ threatpost
"一款针对 Android 设备的假 Flash Player 通过诱使用户下载来安装可窃取信用卡信息的恶意银行软件: https://threatpost.com/phony-android-flash-player-installs-banking-malware/121696/ "
-
[ Malware ] New #IoT botnet malware borrows from #Mirai - http://bit.ly/2ewH7Rv https://t.co/m1C4IeJg2I
"Mirai 的‘继承者’,新 IoT 恶意软件被发现,来自 Threatpost: https://threatpost.com/new-iot-botnet-malware-borrows-from-mirai/121705/ ; "
-
[ Others ] Video & Slides posted for my #PowerShell attack & defense talk @ BSidesDC: https://adsecurity.org/?page_id=1352 PS obfuscation, d… https://t.co/5ks7r9iXg8
" BSidesDC 会议《Defending the Enterprise from the Latest Attack Platform》 的 PPT: https://adsecurity.org/?page_id=1352 该页面还有他们团队在其他会议的历史演讲资料"
-
[ Others ] GPON FTTH networks (in)security #IoT #FTTH #RCE https://pierrekim.github.io/blog/2016-11-01-gpon-ftth-networks-insecurity.html
"GPON FTTH networks (in)security: https://t.co/TbuhTxmnkJ"
-
[ Others ] Abusing GDI for ring0 exploit primitives: Reloaded https://www.coresecurity.com/publication/abusing-gdi-ring0-exploit-primitives-reloaded
"Abusing GDI for ring0 exploit primitives: Reloaded[pdf]: https://t.co/6urESYehbw"
-
[ Popular Software ] Adobe Flash: Overflow in Rastering https://bugs.chromium.org/p/project-zero/issues/detail?id=886
"Adobe Flash: Overflow in Rastering: https://t.co/9Galun5Csg"
-
[ Popular Software ] Multiple SQL injection vulnerabilities in dotCMS (8x CVE) https://goo.gl/fb/3sZ8rZ #FullDisclosure
"开源内容管理系统 dotCMS 中的存在多个 SQL 注入漏洞: https://t.co/ndb58f3YIo "
-
[ Tools ] I've published the NtObjectManager #powershell module to the PowerShell Gallery. https://www.powershellgallery.com/packages/NtObjectManager
" James Forshaw 发布了他的 NtObjectManager 工具,该工具用 PowerShell 编写: https://t.co/usCqSz2Kor"
-
[ Windows ] Released a big update to my sandbox tools https://github.com/google/sandbox-attacksurface-analysis-tools. Removed un-managed code, generic NT API library,… https://twitter.com/i/web/status/793448062001741824
"一个针对 Windows 沙箱分析的工具: https://github.com/google/sandbox-attacksurface-analysis-tools"
-
[ WirelessSecurity ] Wireless Security Testing/Hacking/Research cc @ grymoire http://www.grymoire.com/Security/Hardware.html #HardWare #SDR https://t.co/rxGyC2B8Fm
"无线安全测试介绍: http://www.grymoire.com/Security/Hardware.html "
-
[ WirelessSecurity ] Decoding Lora https://revspace.nl/DecodingLora Reversing LoRa. Exploring Next-Generation Wireless [PDF] https://static1.squarespace.com/static/54cecce7e4b054df1848b5f9/t/57489e6e07eaa0105215dc6c/1464376943218/Reversing-Lora-Knight.pdf #Lora #SDR
"LoRa 射频调制格式介绍: https://revspace.nl/DecodingLora 探讨下一代无线 [PDF]: https://t.co/x28sL8nFMt "
-
Xuanwu Spider via FreeBuf[ Pentest ] 中国最大的Webshell后门箱子调查,所有公开大马全军覆没: http://www.freebuf.com/news/topnews/118424.html
-
Xuanwu Spider via 上海交大 GoSSIP
[ Exploit ] JIT-ROP - 在代码段中即时搜索可用的gadgets来绕过ASLR达成攻击: https://loccs.sjtu.edu.cn//gossip/blog/2016/11/01/2016-11-01/
-
Xuanwu Spider via SyScan
[ Conference ] 11 月 24~25 号,SyScan 360 2016 上海会议的议题公布: https://www.syscan360.org/zh/schedule/
-
Xuanwu Spider via Seebug
[ Popular Software ] Memcached 命令执行漏洞(CVE-2016-8704、CVE-2016-8705、CVE-2016-8706)简析: http://paper.seebug.org/95/
-
Xuanwu Spider via Seebug
[ SCADA ] Schneider Electric PowerLogic PM8ECC 模块未授权访问漏洞: https://www.seebug.org/vuldb/ssvid-91958
-
Xuanwu Spider via ThreatPost
[ Attack ] 微软表示最近的 win32k 野外漏洞利用攻击背后的组织是俄罗斯的 GRU: https://threatpost.com/microsoft-says-russian-apt-group-behind-zero-day-attacks/121722/
-
Xuanwu Spider via ThreatPost
[ Browser ] Google 表示,从 2017 年 1 月开始,Chrome 56 版本将不再信任 WoSign 和 StartCom 签发的证书: https://threatpost.com/google-to-distrust-wosign-startcom-certs-in-2017/121709/