
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Chrome: bypass for download filetype blacklist, extension->native privesc https://bugs.chromium.org/p/project-zero/issues/detail?id=1000
"Download filetype blacklist bypass in the Linux desktop version of Chrome; a malicious Chrome extension can use it to gain native code execution: https://t.co/pp7DM7jXwV"
-
[ Defend ] Microsoft Incident Response Guide just out https://info.microsoft.com/INCIDENT-RESPONSE-REFERENCE-GUIDE.html
"Microsoft has released its security incident response guide: https://t.co/HxkOIz05Xa"
-
[ Fuzzing ] The Smart Fuzzer Revolution https://blog.trailofbits.com/2017/02/16/the-smart-fuzzer-revolution/
"The evolution of smart fuzzers: https://t.co/hypFUwEZhp"
-
[ Malware ] REMCOS: A New RAT In The Wild http://blog.fortinet.com/2017/02/14/remcos-a-new-rat-in-the-wild-2
"REMCOS - a new remote access tool that appeared on hacker forums in the second half of 2016: https://t.co/AopQo6vqJN"
-
[ MalwareAnalysis ] Introducing Malboxes: a Tool to Build Malware Analysis Virtual Machines - http://gosecure.net/2017/02/16/introducing-malboxes-a-tool-to-build-malware-analysis-virtual-machines/
"Malboxes - a tool that automates building sandbox virtual machine environments for malware analysis: https://t.co/HI5t5bau1o"
-
[ OpenSourceProject ] QEMU: virtfs permits guest to access entire host filesystem https://bugs.chromium.org/p/project-zero/issues/detail?id=1035
"The QEMU virtfs file system allows the guest to access the host's entire file system (by means of symbolic links): https://t.co/inDPjb0EjW"
-
[ Others ] The Art of Bootkit Development : http://www.stoned-vienna.com/pdf/The-Art-of-Bootkit-Development.pdf (pdf)
"The Art of Bootkit Development: https://t.co/llsgQCcofC"
-
[ Popular Software ] The Angular JS Security videos by @ LiveOverflow are really awesome. Perfect sandbox bypass explanations: https://www.youtube.com/playlist?list=PLhixgUqwRTjwJTIkNopKuGLk3Pm9Ri1sF
"Several videos on Angular JS sandbox escapes: https://t.co/mvfVBAr6Cu"
-
[ Popular Software ] Adobe Flash: Overflow in MP4 AMF Parsing https://bugs.chromium.org/p/project-zero/issues/detail?id=1018
"Overflow vulnerability in Adobe Flash MP4 AMF parsing (CVE-2017-2992): https://t.co/h3n7dYBJVf"
-
[ Popular Software ] Adobe Flash: Use-after-free in Copying Bitmap Pixels https://bugs.chromium.org/p/project-zero/issues/detail?id=1014
"A use-after-free (UAF) vulnerability in Adobe Flash triggered when copying Bitmap pixels: https://t.co/LZzc8sq3HT"
-
[ Popular Software ] Adobe Flash: Fuzzed SWF causes stack corruption https://bugs.chromium.org/p/project-zero/issues/detail?id=1013
"Stack corruption vulnerability in Adobe Flash found while fuzzing SWF files (CVE-2017-2988): https://t.co/xCNO2d0QHG"
-
[ Popular Software ] Adobe Flash: Heap Overflow in YUVPlane decoding https://bugs.chromium.org/p/project-zero/issues/detail?id=1008
"Heap overflow vulnerability in Adobe Flash YUVPlane decoding: https://t.co/CiF1e36omp"
-
[ Popular Software ] Adobe Flash: Use-after-free in applying bitmapfilter https://bugs.chromium.org/p/project-zero/issues/detail?id=1007
" Adobe Flash: Use-after-free in applying bitmapfilter: https://bugs.chromium.org/p/project-zero/issues/detail?id=1007"
-
[ Popular Software ] slides from our talk today: https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains cc @ cktricky also gist with all the links https://gist.github.com/carnal0wnage/ed9e4c10e065bd00e21e2af67301e9d9 #RSAC2017 #RSAC
"Attacks and defenses for DevOps toolchains, from the RSA 2017 conference: https://t.co/tZT83WLwWL"
-
[ SecurityProduct ] KL-001-2017-002 : Trendmicro InterScan Privilege Escalation Vulnerability https://goo.gl/fb/tVcbtI #FullDisclosure
"Trendmicro InterScan privilege escalation vulnerability (CVE-2016-9315): https://t.co/zzOWPxmKsV"
-
[ SecurityProduct ] Advisory | Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution https://pentest.blog/advisory-trend-micro-interscan-messaging-security-virtual-appliance-remote-code-execution/
"Analysis of the Trend Micro InterScan Messaging Security remote code execution vulnerability: https://t.co/1M5eUy4nxg"
-
[ SecurityReport ] OpenSSL Security Advisory [16 Feb 2017] https://www.openssl.org/news/secadv/20170216.txt
"OpenSSL security advisory for February: https://t.co/AYAmGlcF3C"
-
[ Tools ] Open Source Tools for monitoring pastebin: https://github.com/jordan-wright/dumpmon https://github.com/xme/pastemon https://github.com/cvandeplas/pystemon
"Tools for monitoring the pastebin site: https://t.co/mjwblKF3uZ https://t.co/fIpi1hoZAZ https://t.co/wU43SuokF2"
-
[ Tools ] KeyBox - a web-based SSH console that centrally manages administrative access to systems : https://github.com/skavanagh/KeyBox https://t.co/oMoPcJWJmh
"KeyBox -- a web-based SSH terminal: https://t.co/YswdOLsHvH https://t.co/oMoPcJWJmh"
-
[ Tools ] nucleus - detects functions at the CFG-level. Including the option to transfer results to IDAPython script https://bitbucket.org/vusec/nucleus
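"We previously pushed a paper, 'Compiler-Agnostic Function Detection in Binaries', on a method for detecting functions in binary files. Following the paper's publication, the tool prototype has now been made public as well: https://t.co/WSsSroIAS0"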
-
[ Windows ] Here's the code/dll x86 for now/ should work as normal user https://github.com/subTee/RegistrationFreeCOM DLL inject via ActCTX COM Object https://msdn.microsoft.com/en-us/library/windows/desktop/aa375644(v=vs.85).aspx
"DLL injection implemented via the Microsoft.Windows.ACTCTX COM object: https://github.com/subTee/RegistrationFreeCOM https://msdn.microsoft.com/en-us/library/windows/desktop/aa375644(v=vs.85).aspx"
-
[ Windows ] Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure in EMR_SETDIBITSTODEVICE - https://bugs.chromium.org/p/project-zero/issues/detail?id=992&q=
" Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure in EMR_SETDIBITSTODEVICE: https://t.co/JfjdDmNrxC"
-
[ Windows ] GDI: Insufficient bounds check on GDI32!ConvertDxArray https://bugs.chromium.org/p/project-zero/issues/detail?id=951
"Insufficient bounds check in GDI32!ConvertDxArray, which can be triggered through Office 2010: https://t.co/0ZGihJfVsY"
-
[ Windows ] Office Powerpoint 2010 MSO/OART heap out of bounds access https://bugs.chromium.org/p/project-zero/issues/detail?id=950
" Office Powerpoint 2010 MSO/OART heap out of bounds access: https://t.co/sYNbteCNiZ"
-
[ Windows ] MSO!Ordinal5429 heap corruption due to missing length check https://bugs.chromium.org/p/project-zero/issues/detail?id=949
"Heap corruption vulnerability in mso!Ordinal5429 on Windows 7 Office 2010, caused by a missing length check: https://t.co/GZcCDWQawV"