
Tencent Xuanwu Lab Security Daily News
-
[ Android ] [BLOG] Reverse Engineering Samsung S6 SBOOT - Part I by @ _kamino_ http://blog.quarkslab.com/reverse-engineering-samsung-s6-sboot-part-i.html
"Reverse engineering the Samsung S6 bootloader SBOOT, Part 1: https://t.co/VzLWoZkn7T"
-
[ Android ] Root has arrived for the Qualcomm S7/S7 Edge on Android Nougat! https://forum.xda-developers.com/tmobile-s7-edge/how-to/heres-how-rooted-nougat-s7-edge-g935t-t3567502 https://t.co/2xZPI0bj1i
"Root tool for the Galaxy S7 & S7 Edge on Android 7.0 Nougat: https://t.co/83ZQ7LiOJW"
-
[ Android ] Android Security Bulletin—March 2017: https://source.android.com/security/bulletin/2017-03-01.html again 2 patch level's. send your OTA screens to update https://kb.androidtamer.com/Device_Security_Patch_tracker/
"Android Security Bulletin for March 2017: https://t.co/cXCz9hBFkl"
-
[ Industry News ] Spammer’s Leaky Backup Exposes Massive Empire: https://threatpost.com/spammers-leaky-backup-exposes-massive-empire/124092/ via @ threatpost
"1.4 billion records leaked: a backup file exposed by a spammer has indirectly revealed a large-scale spam empire; the data includes users' real names, email addresses and other information: https://t.co/usUY6XvBx1 https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire"
-
[ Linux ] This was an interesting read on exploiting uninitialised Linux kernel stack variables http://www.cc.gatech.edu/~klu38/publications/ubi-ndss17.pdf
"Exploiting uninitialized-variable vulnerabilities on the Linux kernel stack using a stack spray technique, paper: https://t.co/NiQ1laqpK9"
-
[ MalwareAnalysis ] UEFI Ransomware: Full Disclosure at Black Hat Asia http://buff.ly/2lTReTP #infosec #security #malware https://t.co/ypl9NuTCsA
"Cylance researchers demonstrated UEFI-level ransomware at RSA 2017 that still works on Windows 10 Enterprise (1607) with all security features enabled; the article says the details of the vulnerabilities involved will be presented at BlackHat Asia 2017: https://t.co/q2EBMAll7w"
-
[ MalwareAnalysis ] Dropping AtomBombs: Detecting DridexV4 in the Wild https://www.endgame.com/blog/dropping-atombombs-detecting-dridexv4-wild
"Detecting the DridexV4 banking trojan used in the wild: https://t.co/ANGUk0jH1l"
-
[ Others ] Powershell Exploit Analyzed Line-by-Line https://www.invincea.com/2017/03/powershell-exploit-analyzed-line-by-line/
"Powershell Exploit Analyzed Line-by-Line: https://t.co/dMGM3zYN2V"
-
[ Others ] PVS-Studio Team: Brief analysis of Media Portal 2 bugs. https://www.viva64.com/en/b/0481/ (#opensource, #csharp, #dotnet,… https://t.co/qUE8wkg8z8
"Analysis of multiple vulnerabilities in Media Portal 2: https://t.co/oOmmMihlx0"
-
[ SecurityReport ] Two #bankingTrojans resurfaced with a new #ATM malware discovered. More about the banking threats of 2016:… https://twitter.com/i/web/status/838554727822606336
"Overview of enterprise threats in 2016, from Trend Micro: https://t.co/xe7WQ2pDAc"
-
[ Tools ] “Docker security analysis tools” #docker #security #devops #devsecops http://buff.ly/2lSmz9v
"dockerscan -- a Docker security analysis tool: https://t.co/fXCBVDzo8V"
-
[ Tools ] Basics of Compiler Design : http://www.diku.dk/~torbenm/Basics/basics_lulu2.pdf (pdf)
"Basics of compiler design: https://t.co/2jrRFUBbaH"
-
[ Tools ] I hope your {$SecurityProduct} catches AppInit Dll Injects Here is a way to test. https://github.com/subTee/AppInitGlobalHooks-Mimikatz Hides #Mimikatz from Process lists
"AppInitGlobalHooks -- sets up a global hook by modifying the AppInit_DLLs registry value in order to hide Mimikatz.exe: https://t.co/EKnNC3eHPm"
-
[ Tools ] MITM Bluetooth Proxy Tool: Btproxy https://n0where.net/mitm-bluetooth-proxy-tool-btproxy/ #InfoSec #CyberSecurity
"Btproxy -- a man-in-the-middle attack tool for Bluetooth devices: https://t.co/ZsvAcwvC5K"
-
[ Tools ] JSShell - An interactive multi-user web JS shell written in #Python https://github.com/Den1al/JSShell/
"JSShell -- a web-based, multi-user interactive JS shell for remotely debugging browsers: https://t.co/Sd3ETpkxIS"
-
[ Windows ] Second post in my series on Windows kernel shellcode on Windows 10 https://improsec.com/blog//windows-kernel-shellcode-on-windows-10-part-2
"Windows Kernel Shellcode on Windows 10 – Part 2, kernel shellcode that modifies the ACL of winlogon.exe: https://t.co/iKzzMNjjBf GitHub: https://github.com/MortenSchenk/ACL_Edit"
-
[ Popular Software ] Apache Struts 2 has an RCE vulnerability (S2-045), CVE-2017-5638, in its handling of the Content-Type HTTP header during file upload: https://cwiki.apache.org/confluence/display/WW/S2-045?from=groupmessage