腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2017/02/13

Mark Russinovich @markrussinovich

[ Conference ] Talks from BlueHat Israel are now posted: http://www.microsoftrnd.co.il/bluehat/Pages/Presentations.aspx

"BlueHat IL 议题公开︰ https://t.co/suFBUjYl2L"
Nicolas Krassas @Dinosn

[ Linux ] Ubuntu 16.10 local privilege escalation exploit via ntfs-3g https://bugs.chromium.org/p/project-zero/issues/detail?id=1072

"ntfs-3g（Ubuntu 16.10）在不安全的环境变量下调用 modprobe 导致本地权限提升漏洞： https://t.co/zaPHjxiLhF"
Binni Shah @binitamshah

[ Others ] How Shamoon v3 Works : https://www.revbits.com/pdf/RevBits-Threat-Intelligence-Report-Feb2017.pdf (pdf)

"恶意软件 Shamoon v3 的工作原理︰ https://t.co/JVv5dtog0J (pdf)"
Binni Shah @binitamshah

[ ReverseEngineering ] Reverse-engineering WatchGuard Mobile VPN : https://www.tazj.in/en/1486830338 , watchblob : https://github.com/tazjin/watchblob cc @ tazjin

"逆向 WatchGuard Mobile VPN: https://t.co/zXcoWZqp3l、 watchblob: https://t.co/nfHydO69JF "
雪碧0xroot @cn0Xroot

[ Tools ] HackRF 2017.02.1 Release https://github.com/mossmann/hackrf/releases #HackRF #SDR https://t.co/aCH0gKsf4x

"HackRF 2017.02.1 发布： https://t.co/zcSemM6L51 "
Brendan Gregg @brendangregg

[ Tools ] I published a new page: Linux Enhanced BPF (eBPF) Tracing Tools http://www.brendangregg.com/ebpf.html https://t.co/zJbURCy6ZR

"Linux eBPF 跟踪工具： https://t.co/lQtzsdkFbX "
Binni Shah @binitamshah

[ Tools ] hrrs : Record and replay HTTP requests in Java EE and Spring applications : https://github.com/vy/hrrs

"hrrs -- 在 Java EE 和 Spring 应用中记录和重放 HTTP 请求的工具︰ https://t.co/h5g8M4sCCT"

Xuanwu Spider via 知乎专栏

[ Android ] Android免Root环境下Hook框架Legend原理分析： https://zhuanlan.zhihu.com/p/25200724?refer=android-sec
Xuanwu Spider via project zero

[ Android ] Android: Inter-process munmap in android.util.MemoryIntArray： https://bugs.chromium.org/p/project-zero/issues/detail?id=1001
Xuanwu Spider via seebug

[ Windows ] SMBv3远程拒绝服务(BSOD)漏洞分析： http://paper.seebug.org/215/
Xuanwu Spider via sentinelone blog

[ iOS ] Analysis of iOS.GuiInject Adware Library： https://sentinelone.com/blogs/analysis-ios-guiinject-adware-library/
Xuanwu Spider via Pavel's Blog

[ Windows ] Monitoring ALPC Messages： http://blogs.microsoft.co.il/pavely/2017/02/12/monitoring-alpc-messages/
Xuanwu Spider via vxjump

[ Windows ] Windows 10 x64中的RFG(Return Flow Guard)技术研究： http://www.vxjump.net/files/security_research/rfg.txt

2017/02/13