
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation https://t.co/zBjLdeAgnf
"Analysis of RDP session hijacking: https://t.co/zBjLdeAgnf"
-
[ Browser ] patch for firefox renderer exploit -> https://github.com/mozilla/gecko-dev/commit/557f236c19730116d3bf53c0deef36362cafafcd #Pwn2Own
"Firefox 52.0.1 fixes the vulnerability used by Chaitin Tech in the Pwn2Own 2017 contest: https://t.co/n7l5s5noQm"
-
[ Browser ] Mozilla Firefox: table use-after-free https://bugs.chromium.org/p/project-zero/issues/detail?id=1130
"A table UAF vulnerability fixed in Firefox 52 (CVE-2017-5404): https://t.co/ynfmCw07uT"
-
[ Mobile ] [CVE-2017-5623] #OnePlus 3/3T #OxygenOS 4.0.3 and below Boot Mode Changing #Vulnerability https://alephsecurity.com/vulns/aleph-2017005
"OnePlus 3/3T OxygenOS 4.0.3 unauthorized boot mode change vulnerability (CVE-2017-5623): https://t.co/BWewHU6TsF"
-
[ Operating System ] A "Comprehensive and biaised [sic] comparison of #OpenBSD and #FreeBSD", by @ajacoutot & bapt@freebsd. #AsiaBSDCon https://t.co/GyE4O5Txr2
"A comparison of OpenBSD and FreeBSD: https://t.co/GyE4O5Txr2"
-
[ Others ] OpenSSH 7.4 patches padding oracle variant https://www.openssh.com/releasenotes.html#7.5
"OpenSSH 7.5 released: https://t.co/KLgkYffYOu"
-
[ Others ] PowerShell module authors: catalog sign your entire module. Users: explicitly validate and test in your environment. https://twitter.com/sapientech/status/843827293797605376
"The effect of using the SkipPublisherCheck parameter in PowerShell: http://info.sapien.com/index.php/scripting/scripting-modules/effect-of-skippublishercheck"
-
[ Others ] How to write a recursive descent parser: http://www.craftinginterpreters.com/parsing-expressions.html cc @munificentbob
"A detailed explanation of expression parsing: https://t.co/Dj8IeyNt4B"
-
[ Popular Software ] Struts2 S2-046 PoC https://github.com/pwntester/S2-046-PoC
"Struts2 S2-046 is coming: https://cwiki.apache.org/confluence/display/WW/S2-046 ; PoC: https://t.co/9nHz5GNeiE"
-
[ Popular Software ] Oops, new LastPass bug that affects 4.1.42 (Chrome&FF). RCE if you use the "Binary Component", otherwise can steal… https://twitter.com/i/web/status/843965519371812864
"A new LastPass vulnerability has been disclosed, affecting Firefox/Chrome; Tavis used it to pop the calculator: https://t.co/jaqsWg8CtT"
-
[ Popular Software ] CVE-2016-10190 FFmpeg Heap Overflow vulnerability analysis and exploitation https://security.tencent.com/index.php/blog/msg/116
"CVE-2016-10190 FFmpeg Heap Overflow vulnerability analysis and exploitation: https://t.co/tOBEm0q5Of"
-
[ Popular Software ] Moodle 0-day (Remote Code Execution) : http://netanelrub.in/2017/03/20/moodle-remote-code-execution/
"Analysis of a remote code execution vulnerability in the Moodle learning management system (CVE-2017-2641): https://t.co/Zr6PkoBpuW"
-
[ Tools ] PloitKit - The Hacker's ToolBox http://www.kitploit.com/2017/03/ploitkit-hackers-toolbox.html
"PloitKit -- a hacker toolkit: https://t.co/SVVYIpl8aQ"
-
[ Tools ] docker-nfqueue-scapy : Docker container for intercepting packets with scapy from a netfilter queue : https://github.com/milesrichardson/docker-nfqueue-scapy
"docker-nfqueue-scapy -- a Docker container that uses scapy to intercept packets from a netfilter queue: https://t.co/zjjj2am3f2"
-
[ Windows ] My bugs fixed by MS in the last Patch Tuesday (Windows Registry, GDI, GDI+, Uniscribe, ICM) are now unrestricted: https://bugs.chromium.org/p/project-zero/issues/list?can=1&q=finder%3Amjurczyk+fixed%3A2017-mar-14
"16 Windows font-related vulnerabilities found by the author, fixed in the March patches: https://t.co/ENUtZHZdEZ"
-
[ Windows ] Converting Windows kernel shellcode from previous posts to data only attacks and bypassing KASLR in the process https://improsec.com/blog//windows-kernel-shellcode-on-windows-10-part-4-there-is-no-code
"Writing Windows kernel shellcode, Part 4: abusing the tagWnd object in a real attack to implement the shellcode: https://t.co/8gt9l6lfzJ"
-
[ Browser ] Firefox nsScriptLoadHandler buffer overflow vulnerability caused by an integer overflow (CVE-2016-9066): https://www.seebug.org/vuldb/ssvid-92794#0-tsina-1-33549-397232819ff9a47a7b7e80a40613cfe1
-
[ Mobile ] US Department of Homeland Security: play a sound and your phone may be hacked: http://www.youxia.org/homeland-security-a-sound-your-cell-phone-may-be-black.html?from=timeline&isappinstalled=0