腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Microsoft shares telemetry data collected from Windows 10 users with FireEye? http://thehackernews.com/2016/11/windows10-telemetry-data.html?m=1
"微软将 Windows 10 用户中收集的遥测数据与 FireEye 共享: https://t.co/XLJPoiAKNN"
-
[ Browser ] MS Edge: Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, and more! - Broken Browser https://www.brokenbrowser.com/abusing-of-protocols/
"MS Edge 浏览器: 利用协议来加载本地文件、绕过 HTML5 沙箱: https://t.co/iT22BucNJR"
-
[ Cloud ] Securing Local AWS Credentials with MFA + Roles in AWS CLI https://medium.com/starting-up-security/securing-local-aws-credentials-9589b56a0957#.6a55jqmyh
"保护本地 AWS 凭证: https://t.co/S1A0EciBg4 "
-
[ MalwareAnalysis ] I just published the source code of my graph based malware clusterization toolkit "Cosa Nostra" and slides: https://t.co/ovf7fgRMGh
"Cosa Nostra,a graph based malware clusterization toolkit(slides),来自 SyScan360 2016 大会议题︰ https://github.com/joxeankoret/cosa-nostra/blob/master/doc/cosa_nostra_slides_syscan360.pdf GitHub: https://t.co/ovf7fgRMGh"
-
[ Others ] As promised in my last tweet: Using branch target buffer collisions to break hypervisor ASLR. PoC on github: https://t.co/fmtS3uYMlM
"利用 BTB 碰撞绕过 hypervisor ASLR 限制: https://t.co/fmtS3uYMlM"
-
[ Others ] Sysmon can spot credential dumping with the right config. Process rights reference @ https://msdn.microsoft.com/en-us/library/windows/desktop/ms684880(v=vs.85).aspx #DFIR https://t.co/lf7jB3uzXN
"利用 Sysmon 记录 dump Windows 凭据行为: https://msdn.microsoft.com/en-us/library/windows/desktop/ms684880"
-
[ Others ] JSON hijacking for the modern web http://blog.portswigger.net/2016/11/json-hijacking-for-modern-web.html
"利用 JS 代理跨域盗取信息: https://t.co/K4Vj9iB8aU "
-
[ Virtualization ] Symantec/Norton Antivirus ASPack Remote Heap/Pool memory corruption Vulnerability CVE-2016-2208 https://bugs.chromium.org/p/project-zero/issues/detail?id=820
"赛门铁克公司/诺顿防病毒软件 ASPack 远程堆/池 的内存破坏漏洞( CVE-2016-2208): https://t.co/XDJiXeFX6N"
