
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] [Blog] Lateral Movement via DCOM: Round 2 https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/
"Lateral movement via DCOM, round 2: https://t.co/leyKbWtK30"
-
[ Browser ] #chromium Mus window system overview: http://frederic-wang.fr/mus-window-system.html by Frederic Wang <fwang at igalia> (cc @ igalia @ ChromiumDev)
"Getting Chromium to run on Ozone/Wayland: https://t.co/egtfLeKZxK"
-
[ Hardware ] BR-PUF Analysis http://smrrd.de/br-puf-analysis.html
"BR-PUF analysis: https://t.co/MyOC2U8fBP"
-
[ IoTDevice ] New Blog Post | How to pwn an AXIS 206 IP cam and have fun with it afterwards: https://what.pwned.me/index.php/2017/01/23/axis-206-pwned/
"Pwning the AXIS 206 IP camera: https://t.co/i5rf1Rx8gl"
-
[ macOS ] About the security content of macOS Sierra 10.12.3 https://support.apple.com/en-us/HT207483
"macOS Sierra 10.12.3 security update advisory: https://t.co/8mEEbn1Qie"
-
[ Malware ] Android Banking Malware BankBot Identified http://bestsecuritysearch.com/android-banking-malware-bankbot-identified/
"BankBot, a newly discovered Android malware: https://t.co/5iBr7W2S7S"
-
[ MalwareAnalysis ] Qadars Banking Trojan C2 decryptor << pcap https://www.countercept.com/our-thinking/decrypting-qadars-banking-trojan-c2-traffic/
"Decrypting the Qadars banking trojan's C2 traffic: https://t.co/ZNmSuJv0uD"
-
[ Others ] CVE-2016-7637: Revisiting Mach IPC http://turingh.github.io/2017/01/10/CVE-2016-7637-%E5%86%8D%E8%B0%88Mach-IPC/
"CVE-2016-7637: Revisiting Mach IPC: https://t.co/1oKwE5eLSm"
-
[ Popular Software ] PHP Melody 2.7 - Multiple Vulnerabilities https://www.logicista.com/2017/phpmelody-multiple-vulnerabilities
"Multiple vulnerabilities in PHP Melody 2.7: https://t.co/mrNZcKHFtp"
-
[ Popular Software ] Microsoft RDP Client for Mac OS X arbitrary file read/write that leads to RCE https://www.wearesegment.com/research/Microsoft-Remote-Desktop-Client-for-Mac-Remote-Code-Execution #macos #microsoft #vulnerability
"Microsoft Remote Desktop Client for Mac remote code execution: https://t.co/0ln4jdAruj"
-
[ Popular Software ] There was a secret URL in WebEx that allowed any website to run arbitrary code. ¯\_(ツ)_/¯ https://bugs.chromium.org/p/project-zero/issues/detail?id=1096
"Cisco: Magic WebEx URL arbitrary code execution vulnerability: https://t.co/sAqZrDN4ad"
-
[ Tools ] Responder – spoofing LLMNR and NBT-NS to capture password hashes : https://github.com/SpiderLabs/Responder
"Responder -- an LLMNR, NBT-NS and MDNS poisoning tool: https://t.co/iTkRNjN7TL"
-
[ Tools ] Radare2 - Using Emulation To Unpack Metasploit Encoders : https://xpnsec.tumblr.com/post/156211722581/radare2-using-emulation-to-unpack-metasploit https://t.co/j8D6yV9bTs
"Radare2 -- using emulation to unpack files encoded with Metasploit encoders: https://t.co/AsnSiUh42W https://t.co/j8D6yV9bTs"
-
[ Tools ] Nimbostratus : Tools for fingerprinting and exploiting Amazon cloud infrastructures : https://andresriancho.github.io/nimbostratus/
"Nimbostratus -- a tool for fingerprinting and exploiting Amazon cloud infrastructure: https://t.co/c5X6lchrdX"
-
[ Tools ] WordPress Exploit Framework v1.4 : https://github.com/rastating/wordpress-exploit-framework/releases/tag/v1.4 cc @ iamrastating
"WordPress Exploit Framework: https://t.co/8jmRjWGLVo "
-
[ Tools ] kickthemout : Kick devices off your network by performing an ARP Spoof attack with Node.js : https://github.com/roccomuso/kickthemout cc @ roccomuso
"kickthemout -- a Node.js ARP-spoofing tool for kicking devices off the network: https://t.co/7Z8LCdkf0o"
-
[ Tools ] @ BruceDawson0xB drpdb is a SymbolSort based tool to convert PDBs to a MySQL database - worth a look? https://github.com/briterator/drpdb
"drpdb -- a tool that converts Microsoft PDB files into a MySQL database: https://t.co/dGObcLD8Ja"
-
[ Vulnerability ] Vulnerability Spotlight - LibBPG Image Decoding Code Execution http://blog.talosintel.com/2017/01/vulnerability-spotlight-libbpg-image.html
"Analysis of a code execution vulnerability in the Libbpg library's BPG image decoding (CVE-2016-8710): http://www.talosintelligence.com/reports/TALOS-2016-0223/"
-
[ Web Security ] DNS data exfiltration from sql injection http://goo.gl/VL1mlU
"Using DNS to exfiltrate data in SQL injection: https://t.co/1nQINr2lDi"
-
[ Windows ] A follow up post on bypassing Control Flow Guard - https://improsec.com/blog//bypassing-control-flow-guard-on-windows-10-part-ii #Exploit
"Bypassing Control Flow Guard in Windows 10 - Part II: https://t.co/6YYAOoltVt"