腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Install Kali Linux on Android Phone http://www.kalitut.com/2015/11/install-kali-linux-on-android-phone.html #android #kalilinux #Linux https://t.co/LgpZiN9KQr
"在 Android 手机上安装 Kali Linux: http://www.kalitut.com/2015/11/install-kali-linux-on-android-phone.html"
-
[ Android ] See our Android N pwning video of #MP2O 2016. Affect all major phones (e.g. Pixel, Nexus), bugs disclosed and fixed. https://youtu.be/zcVsyA4Imys
"Mobile Pwn2Own 2016 上攻破 Android N 的 DEMO 视频,来自腾讯科恩实验室: https://t.co/7MyfTJ9Zzv"
-
[ Android ] OpenGApps launches its own app for quick and easy Google Apps package downloads [APK Download]… https://t.co/h7kyt3ivwS
"OpenGApps 发布了自己的 APP: https://t.co/h7kyt3ivwS"
-
[ Attack ] New post: Pawn Storm Ramps Up Spear-phishing Before Zero-Days Get Patched http://bit.ly/2fDsGLh @ TrendMicro
"间谍组织 Pawn Storm 在10月底至11月初期间利用多个 0day 对政府及大使馆发起攻击: https://t.co/mvGPSfdhlq "
-
[ Attack ] Using SSRF to Pivot into an Internal Network (pdf) https://seanmelia.files.wordpress.com/2016/07/ssrf-to-pivot-internal-networks.pdf
"利用服务端请求伪造攻击进入内网(pdf): https://t.co/NY3mXG7fa5"
-
[ Browser ] Browser modifier with rootkit capabilities - BrowserModifier:Win32/Soctuseer https://blogs.technet.microsoft.com/mmpc/2016/11/08/msrt-november-2016-unwanted-software-has-nowhere-to-hide-in-this-months-release/ by @ msftmmpc
"BrowserModifier:Win32/Soctuseer: https://t.co/BDcd6Y07fl"
-
[ MalwareAnalysis ] The first cryptor to exploit Telegram https://securelist.com/blog/research/76558/the-first-cryptor-to-exploit-telegram/
"第一个攻击 Telegram Messenger 的 cryptor: https://t.co/b6496uEM0x"
-
[ MalwareAnalysis ] Microsoft Word Intruder 8 Adds Support for Flash Vulnerability CVE-2016-4117: http://bddy.me/2ftLXjt via… https://t.co/QYPXi9SbyU
"Microsoft Word Intruder 8 攻击套件又新集成了多个漏洞利用: https://www.proofpoint.com/us/threat-insight/post/microsoft-word-intruder-8-adds-support-for-flash-vulnerability"
-
[ MalwareAnalysis ] Kronos Banking Trojan and Geo-Targeting from Kelihos http://garwarner.blogspot.com/2016/11/kronos-banking-trojan-and-geo-targeting.html
"Kronos 银行木马分析: https://t.co/56YXyN3U6n"
-
[ Others ] Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation, Mitigation https://www.youtube.com/watch?v=G1xzG43mkZU https://t.co/bfrd0eSY2w
"Covert Channels through Random Number Generator: Mechanisms, Capacity Estimation and Mitigations,来自 ACM CCS 2016 上议题: https://www.youtube.com/watch?v=G1xzG43mkZU 本次大会议题视频: https://www.youtube.com/channel/UCUuxpXcE3S0Uu14JIEGn5vA"
-
[ Tools ] If my followers are still interested in infosec, the latest metasploit exploit is a super-sweet MS Office DLL hijack https://t.co/K3qKRn579V
"一个新 metasploit 漏洞利用模块:office_ole_multiple_dll_hijack,用于 MS Office DLL 劫持: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/office_ole_multiple_dll_hijack.rb"
-
[ Tools ] Python WebAssembly decoder & disassembler library https://github.com/athre0z/wasm
"wasm -- 一个 Python 模块,用于解码和反汇编WebAssembly 模块和字节码: https://t.co/t2yU2SFI71"
-
[ Tools ] dnSpy v3.0.0 realeased! It is a tool for .NET assemblies RE with decompiler, debugger and assembly editor https://github.com/0xd4d/dnSpy/releases #REhints
" .NET 字节码汇编器、反汇编器、调试器 dnSpy 发布 v3.0.0 版本: https://t.co/z0eaBrwt8d "
-
[ Vulnerability ] Avira Antivirus >= 15.0.21.86 Command Execution (SYSTEM) https://goo.gl/fb/ezk6HP #FullDisclosure
"Avira Antivirus >=15.0.21.86 存在命令执行漏洞: https://t.co/x6wzUmHLlq "
-
[ Vulnerability ] VBScript RegExpComp::PnodeParse out-of-bounds read details (MSIE 8-11, IIS… https://goo.gl/fb/cXzRYW #FullDisclosure
"VBScript RegExpComp::PnodeParse 越界读取漏洞: https://t.co/oT9k0qKuKZ"
-
[ Web Security ] Exploiting Python Code Injection in Web Applications http://sethsec.blogspot.com/2016/11/exploiting-python-code-injection-in-web.html
"利用 Python 代码实现 web 应用的注入: https://t.co/nEwL7ZsvUA"
-
[ Windows ] Microsoft Windows NtUserMagSetContextInformation Kernel State Corruption Privilege Escalation Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-594/
"Microsoft Windows NtUserMagSetContextInformation 内核状态破坏提权漏洞: https://t.co/vJtNOnCt2j"
-
[ Windows ] Microsoft Windows Animation Manager Memory Corruption Vulnerability (MS16-132) (CVE-2016-7205) + POC: http://www.security-assessment.com/files/documents/advisory/ie_animation_manager_uaf.pdf
"Microsoft Windows Animation Manager 内存破坏漏洞 (CVE-2016-7205) + POC: https://t.co/PoJsFgGNMi"
-
[ WirelessSecurity ] SoDaRadio :SoDaRadio is a VHF/UHF all mode transceiver for the USRP https://sourceforge.net/projects/sodaradio/ #USRP #SDR https://t.co/EXORXpU48K
"SoDaRadio: 一个基于 USRP 的 VHF/UHF 全模式收发器: https://sourceforge.net/projects/sodaradio/"
-
[ WirelessSecurity ] Attacking Vessel Tracking Systems for Fun and Profit #SDR #AIS https://conference.hitb.org/hitbsecconf2013kul/materials/D1T1%20-%20Marco%20Balduzzi,%20Kyle%20Wilhoit%20Alessandro%20Pasta%20-%20Attacking%20Vessel%20Tracking%20Systems%20for%20Fun%20and%20Profit.pdf https://t.co/V4tdIh3ugk
"Attacking Vessel Tracking(船舶跟踪) Systems forFun and Profit(pdf): https://conference.hitb.org/hitbsecconf2013kul/materials/D1T1%20-%20Marco%20Balduzzi,%20Kyle%20Wilhoit%20Alessandro%20Pasta%20-%20Attacking%20Vessel%20Tracking%20Systems%20for%20Fun%20and%20Profit.pdf"
-
Xuanwu Spider via TinySec[ Windows ] POC for CVE-2016-7255: https://github.com/tinysec/public/tree/master/CVE-2016-7255
-
Xuanwu Spider via Seebug
[ OpenSourceProject ] GNU tar 解压路径绕过漏洞(CVE-2016-6321) 分析: http://paper.seebug.org/103/
-
Xuanwu Spider via Seebug
[ OpenSourceProject ] GitLab 任意文件读取漏洞 (CVE-2016-9086) 和任意用户 token 泄露漏洞: http://paper.seebug.org/104/
-
Xuanwu Spider via 安全客
[ WirelessSecurity ] 如何黑掉一个无人机?已知无人机漏洞&利用工具汇总(附演示视频): http://bobao.360.cn/learning/detail/3172.html
-
Xuanwu Spider via 看雪论坛
[ Android ] 安卓Stagefright高危漏洞分析学习总结: http://bbs.pediy.com/showthread.php?p=1450064#post1450064