腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/11/03

Mike_Mimoso @Mike_Mimoso

[ Android ] Belkin’s WeMo Gear Can Hack Android Phones: https://threatpost.com/belkins-wemo-gear-can-hack-android-phones/121730/ via @ threatpost

" Belkin 办公自动化系统 WeMo 存在漏洞，攻击者可以控制家庭自动化设备： https://t.co/UCVCHOhSLj"
alexander knorr @opexxx

[ macOS ] A new MacOS kernel extension using Capstone inside: AppleALC to add native HD audio support for unofficially codecshttp://bit.ly/2f03v6h —…

"AppleALC - 一款开源的 OS X 内核扩展，用于启用 Native OS X HD Audio： http://bit.ly/2f03v6h "
Nicolas Krassas @Dinosn

[ Malware ] New IoT Linux IRCTelnet Botnet Wreaks Havoc http://bestsecuritysearch.com/new-iot-linux-irctelnet-botnet-wreaks-havoc/

"IoT Linux IRCTelnet 僵尸网络： https://t.co/TF4XVO3M5o"
Th0m4s @nyx__o

[ MalwareAnalysis ] @ GoSecure_Inc and @ ESET collaboration on #Linux #Moose #IoT http://gosecure.net/2016/11/02/exposing-the-ego-market-the-cybercrime-performed-by-the-linux-moose-botnet/ http://www.welivesecurity.com/2016/11/02/linuxmoose-still-breathing/

"针对 Linux/Moose 恶意软件的分析： http://www.welivesecurity.com/2016/11/02/linuxmoose-still-breathing/"
Tencent's Xuanwu Lab @XuanwuLab

[ Mitigation ] Microsoft introduced a new exploit mitigation "RFG" in Windows 10 Redstone 2 14942 to protect return address: http://xlab.tencent.com/en/2016/11/02/return-flow-guard/

" 微软在 Windows 10 Redstone 2 14942 版本中加入 'RFG' 缓解措施，用于在 CFG 的基础上加强对返回地址的防护︰ http://xlab.tencent.com/cn/2016/11/02/return-flow-guard/ "
Nicolas Krassas @Dinosn

[ Others ] Bypassing Two-Factor Authentication on OWA and Office365 Portals http://www.blackhillsinfosec.com/?p=5396

"在 OWA 和 Office365 门户网站 https://t.co/0yP6D7oT28 上绕过双因素身份验证"
Justin Seitz @jms_dot_py

[ Others ] SMS Scam Investigation in 30 Minutes Or Less – Medium http://bit.ly/2fenhMq

"诈骗短信调查： https://t.co/DzrtHU1w4c"
Nicolas Krassas @Dinosn

[ Others ] [local] - MySQL / MariaDB / PerconaDB - 'root' Privilege Escalation https://www.exploit-db.com/exploits/40679/

"MySQL / MariaDB / PerconaDB-提权/条件竞争漏洞： https://t.co/XFdg6ocNF0"
Yifan @yifanlu

[ Others ] 3) SDK with plugin and kernel module support! Davee will release in the morning. Updated specifications: https://t.co/jtNuOJIRxl

"Vita SDK 手册︰ https://t.co/jtNuOJIRxl"
Yifan @yifanlu

[ Others ] Vita kernel explosion! We are releasing a CFW framework and three other things: https://yifan.lu/2016/11/01/taihen-cfw-framework-for-ps-vita/

" taiHEN - 为 PS Vita 编写应用级和内核级 Patch 的框架︰ https://t.co/xLG5IhUdkF"
Nicolas Krassas @Dinosn

[ Others ] Targeted Bruteforcing – Mining patterns in passwords to make bruteforcing easy http://fsecurify.com/targeted-bruteforcing-mining-patterns-to-make-brute-forcing-easy/

" 有针对性的密码暴力破解技术： https://t.co/8s6jIPBpjy "
SHARCS @sharcs_project

[ Others ] #SHARCS paper has been published on CCS 2016: Drammer: Deterministic Rowhammer Attacks on Mobile Platforms https://t.co/LJehqAYQhQ

" SHARCS 已公开的 Papers 列表： https://t.co/LJehqAYQhQ 其中新增加了 CCS 2016 会议上谈移动平台 Rowhammer 攻击的 Paper"
スカイラインド‼ @berendjanwever

[ Others ] #DailyBug #MSIE11 MSHTML CView::CalculateImageImmunity UAF Details and repro in my blog post at http://blog.skylined.nl/20161102001.html

" IE 11 MSHTML CView::CalculateImageImmunity UAF： https://t.co/Ivve3tKDRR"
Full Disclosure @SecLists

[ Popular Software ] CVE-2016-8583 - Alienvault OSSIM/USM Reflected XSS https://goo.gl/fb/lyC7T1 #FullDisclosure

"安全管理软件 Alienvault OSSIM/USM 中存在反射型 XSS（CVE-2016-8583）： https://t.co/Zn3KNmWZZa "
Cure53 @cure53berlin

[ Tools ] DOMPurify 0.8.4 is out, with updated MentalJS demo & more powerful hooks, ready for custom HTML element handling https://t.co/AZBBkw8giF

"DOMPurify 0.8.4 发布，更新了 MentalJS 沙箱 https://t.co/AZBBkw8giF "
Andrey Karpov @Code_Analysis

[ Tools ] Static code analyzer for Ubuntu. http://insights.ubuntu.com/2016/11/02/static-code-analyzer-for-ubuntu/ (#ubuntu, #devops, #programming, #cpp, #codeanalysis,… https://t.co/lP9K8pRG0M

" PVS-Studio 的开发者为 Ubuntu 移植了一个版本，用于发现 Linux 系统的漏洞： https://t.co/oNC3VQnIwX "

Xuanwu Spider via 安卓巴士

[ Android ] Android线上Bug热修复分析： http://mp.weixin.qq.com/s?__biz=MzA3MjgwNDIzNQ==&mid=2651939553&idx=1&sn=70337aa12319dbb01ba974c1bf30405f&chksm=84fd7005b38af913108a09ff581464a657935bb241682cf7f9618bfb5566ba80b9cf6e3b8938&scene=0#wechat_redirect
Xuanwu Spider via 初心を忘れず

[ IoTDevice ] Pwn A Camera Step by Step (Web ver.)（一步步 Pwn 掉摄像头）： https://ricterz.me/posts/Pwn%20A%20Camera%20Step%20by%20Step%20%28Web%20ver.%29?_=1478057500480
Xuanwu Spider via Seebug

[ OpenSourceProject ] MySQL / MariaDB / PerconaDB 提权/条件竞争漏洞（CVE-2016-6663）： https://www.seebug.org/vuldb/ssvid-92510 MySQL / MariaDB / PerconaDB 权限提升漏洞（CVE-2016-6664）： https://www.seebug.org/vuldb/ssvid-92513
Xuanwu Spider via Solidot

[ Browser ] 因隐私担忧 Firefox 移除对电池状态API的支持： http://www.solidot.org/story?sid=50220
Xuanwu Spider via Cisco Talos

[ Windows ] Windows 10 AHCACHE.SYS 远程拒绝服务漏洞： http://blog.talosintel.com/2016/11/vulnerability-spotlight-windows-10.html

2016/11/03