腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Hardware ] D-Link DGS-1510 - Multiple Vulnerabilities : https://www.exploit-db.com/exploits/41662/
"D-Link DGS-1510 中存在多个漏洞(CVE-2017-6206)︰ https://t.co/y4LXoAE0aW"
-
[ Industry News ] Over 20 million Gmail and 5 million Yahoo accounts available for sale on the Dark Web http://securityaffairs.co/wordpress/57300/deep-web/gmail-yahoo-accounts-dark-web.html
"超过 2000 万 Gmail 和 500 万雅虎帐户在暗网上叫卖: https://t.co/EhReFejYsl"
-
[ MachineLearning ] N. Papernot et al. "Practical Black-Box Attacks against Machine Learning" https://arxiv.org/abs/1602.02697
"针对深度神经网络攻击实践: https://t.co/SJoGbTiSvr"
-
[ Others ] New blog post: Autonomic Network Analysis – Part 2 https://insinuator.net/2017/03/autonomic-network-analysis/
"思科自动网络(AN)协议分析 part 2: https://t.co/lU18kJykhl"
-
[ Others ] SHA-1 computations on http://GitHub.com now detect and reject Git content that may signal a collision attack. https://t.co/F1wrZ1VNvi
"SHA-1 Hash 冲突对于 Git 影响非常大,因为 Git 用 SHA-1 Hash 来存储仓库中的对象,所以 GitHub.com 官方开始着手检查是否有 SHA-1 碰撞的痕迹。尽管碰撞概率很小,但是 GitHub 有 500 万程序员、平均每秒一次 Commit : https://t.co/F1wrZ1VNvi"
-
[ Others ] We've Updated the RDP Session Hijacking workflows and Video Demo to include backdooring a machine too :-) https://t.co/xxFzDFhNXZ
"RDP 会话劫持演示(video): https://t.co/xxFzDFhNXZ"
-
[ Protocol ] Slides from my #TR17 NGI talk on "IPv6 Configuration Approaches for Servers" https://www.ernw.de/download/ERNW_TR17_NGI_IPv6_Config_Approach_Servers.pdf [PDF] https://t.co/GAXueAVS3P
-
[ Tools ] Install a test browser with ease by downloading our new public tool: Autochrome #chromium #WAPT https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/
"Autochrome -- 自动化搭建 Chrome 本地测试环境: https://t.co/dsfmfcSi8c"
-
[ Tools ] Introducing Bloaty McBloatface: a size profiler for binaries http://blog.reverberate.org/2016/11/07/introducing-bloaty-mcbloatface.html
"Bloaty McBloatface - Google 的一位开发者开源的一个工具,方便检查 .o, .a, .so 的等文件类型所占用的空间: https://t.co/GGRNc4tfxH "
-
[ Tools ] Dr0p1t-Framework 1.2 - A Framework That Creates An Advanced FUD Dropper With Some Tricks http://www.kitploit.com/2017/03/dr0p1t-framework-12-framework-that.html
" Dr0p1t-Framework 1.2 -- Dropper后门生成框架: https://t.co/RrJmfMNFYg"
-
[ Tools ] pwlist - Password lists obtained from strangers attempting to log in to my server. http://github.com/droope/pwlist — Python Trending (pythontrend…
"pwlist -- 利用蜜罐收集的 SSH 暴力破解常用密码列表: https://t.co/zljYfaRF5E"
-
[ Virtualization ] Hack The Virtual Memory : C strings & /proc : https://blog.holbertonschool.com/hack-the-virtual-memory-c-strings-proc/ cc @ julienbarbier42
"hacking 虚拟内存: C 字符串与 proc 文件系统: https://t.co/Rphb5aCCqn "
-
[ Vulnerability ] OpenSSH on Cygwin: directory traversal in SFTP client https://bugs.chromium.org/p/project-zero/issues/detail?id=1058
"OpenSSH 在 Windows Cygwin 运行时存在一个目录穿越漏洞: https://t.co/d7Dc4leTWU "
-
[ Vulnerability ] Code Execution Vulnerability Found in #Libpurple IM Library: https://threatpost.com/code-execution-vulnerability-found-in-libpurple-im-library/124448/ via @ threatpost
"Libpurple 库存在代码执行漏洞: https://t.co/ZSPeyyQCNM"
-
[ Windows ] Windows 10 and Windows Server 2016 security auditing and monitoring reference - https://www.microsoft.com/en-us/download/details.aspx?id=52630
"Windows 10 与 Windows Server 2016 安全审计与监控手册: https://www.microsoft.com/en-us/download/details.aspx?id=52630"
-
[ WirelessSecurity ] Bundled GNURadio + GrOsmoSDR For Windows Machine https://github.com/pothosware/PothosSDR/wiki/GNURadio #SDR #GNURadio https://t.co/yUenKDKPxg
"Bundled GNURadio + GrOsmoSDR: https://t.co/A8ZkS3Myt5 "
-
Xuanwu Spider via seebug[ Browser ] SOP bypass/ UXSS on IE – 无域世界的新冒险: http://paper.seebug.org/254/
-
Xuanwu Spider via apnic.net
[ MalwareAnalysis ] 360 网络安全实验室写的一篇关于 Mirai Botnet 的 Blog: https://blog.apnic.net/2017/03/21/questions-answered-mirai-botnet/
-
Xuanwu Spider via archive.org
[ Others ] PoC||GTFO 杂志的第 0x14 期发布了: https://archive.org/details/pocorgtfo14
-
Xuanwu Spider via project zero
[ Popular Software ] Tavis 公布了昨天 Twitter 提到的 LastPass 可以在 Chrome/Firefox 弹计算器的漏洞细节。主要是利用 LastPass 扩展中 websiteConnector.js 允许代理 IPC commands 的漏洞: https://bugs.chromium.org/p/project-zero/issues/detail?id=1209
-
Xuanwu Spider via project zero
[ Virtualization ] QEMU cache block 翻译过程存在一个漏洞,Guest 机中 ring3 进程可以向另一个 ring3 进程注入代码,包括向拥有 root 权限的 ring3 进程: https://bugs.chromium.org/p/project-zero/issues/detail?id=1122
-
Xuanwu Spider via gitlab.com
http://www.freebuf.com/vuls/129906.html
gitlab.com & freebuf.com
[ Vulnerability ] GitLab 发布新版本,修复了多个漏洞,包括一个严重的信息泄露漏洞,可以泄露用户 Private Token: https://about.gitlab.com/2017/03/20/gitlab-8-dot-17-dot-4-security-release/ http://www.freebuf.com/vuls/129906.html