
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] [blog] Black box discovery of memory corruption RCE on http://box.com: https://goo.gl/BPkDNl
"How to achieve RCE on the box.com servers from a black-box testing perspective, by Chris Evans: https://t.co/qAODXFtVH8: https://t.co/4r2JuyVvRA"
-
[ Attack ] Github Repository Owners Targeted by Data-Stealing Malware: https://threatpost.com/github-repository-owners-targeted-by-data-stealing-malware/124656/ via @threatpost
"Many GitHub repository owners have received phishing emails carrying embedded malicious code, disguised as job applications: https://t.co/KPATTdNKHi"
-
[ Browser ] interesting presentation: https://www.blackhat.com/docs/asia-17/materials/asia-17-Li-Cross-The-Wall-Bypass-All-Modern-Mitigations-Of-Microsoft-Edge.pdf
"Bypassing all of the Edge browser's exploit mitigations, from a talk at the BlackHat Asia conference: https://t.co/qlUq8zamZp"
-
[ Browser ] Test Edge for free via BrowserStack, including WebDriver support for automated testing https://blogs.windows.com/msedgedev/2017/03/30/free-edge-testing-browserstack/ Great for Mac-based devs
"Microsoft has partnered with BrowserStack to provide automated testing support for the Edge browser, which can be driven quickly by writing scripts: https://t.co/F1iwWwSunf"
-
[ Browser ] ZDI-17-241: Apple Safari RenderBox Use-After-Free Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-17-241/
"ZDI-17-241 - Safari RenderBox UAF RCE (CVE-2017-2463), discovered by Kai Kang of Xuanwu Lab: https://t.co/6vFGzkbPrg"
-
[ Cloud ] Slides for "SSH over CPU cache covert channels" (cf last RT) https://twitter.com/bloodytangerine/status/847369269977403393
"SSH over CPU cache covert channels - greetings from a cache channel in the cloud, from the author's talk yesterday at the BlackHat Asia conference. Slides: https://cmaurice.fr/pdf/ndss17_maurice_slides.pdf Paper: https://cmaurice.fr/pdf/ndss17_maurice.pdf https://t.co/onweue0Olt"
-
[ Conference ] Antivirus Evasion Reconstructed - Veil 3.0 by Christopher Truncer @christruncer. Presentation available here: http://nullcon.net/website/archives/goa-2017.php
"Veil antivirus evasion framework 3.0 released, from the author's talk at the NULLCON conference; the NullCon Goa 2017 conference materials have also been published: https://t.co/mvxAmXQjPB"
-
[ Conference ] All available slides and materials from today’s #BHASIA Briefings presentations are now posted online here: http://ow.ly/KQhN30aotH6
"Some of the BlackHat Asia conference slides have been published: https://t.co/Rrf3fYu6Wd"
-
[ Detect ] New post: Smart Whitelisting Using Locality Sensitive Hashing http://bit.ly/2obyyUe @TrendMicro
"Smart whitelisting based on locality-sensitive hashing: https://t.co/1MMF2Zue9c"
-
[ Detect ] ossec-hids : Open Source Host-based Intrusion Detection Sys(log analysis, file integrity, rootkit detection & more): https://github.com/ossec/ossec-hids
"ossec-hids - an open source host-based intrusion detection system supporting log analysis, file integrity checking, policy monitoring and more: https://t.co/POL7peuXjJ"
-
[ iOS ] Updated slides from our BlackHat talk available here - https://speakerdeck.com/mbazaliy/fried-apples-jailbreak-diy
"Fried Apples: Jailbreak DIY, from a talk at the BlackHat Asia conference: https://t.co/dTXQ6ywZHO"
-
[ Linux ] Kernel upstream patch for pwn2own ubuntu Kernel local privilege escalation (CVE-2017-7184): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a https://t.co/gUaIJZGPWd
"The Ubuntu kernel local privilege escalation vulnerability (CVE-2017-7184) used by Chaitin Tech at PWN2OWN 2017 has been fixed; patch details: https://t.co/w2hvCIdhLP https://t.co/gUaIJZGPWd"
-
[ Linux ] I've published the write-up about exploiting CVE-2017-2636 in the Linux kernel: https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
"Exploiting the n_hdlc race condition vulnerability in the Linux kernel (CVE-2017-2636), including an SMEP bypass: https://t.co/U6jQqp6urM"
-
[ Linux ] Tracing Runtime Events in .NET Core on Linux http://blogs.microsoft.co.il/sasha/2017/03/30/tracing-runtime-events-in-net-core-on-linux/
"How to trace runtime events in .NET Core on Linux, including garbage collection, bytecode loading, thread creation, object creation and more: https://t.co/Qy8QxeF6GU"
-
[ macOS ] macOS/IOS: mach_msg doesn't copy memory in a certain case https://bugs.chromium.org/p/project-zero/issues/detail?id=1083
"macOS/iOS: mach_msg doesn't copy memory in a certain case (CVE-2017-2456), from Project Zero: https://t.co/ULwE9bZkWT"
-
[ Malware ] Implementation of the anti-VM (etc.) environment checks used by #NeutrinoBot Loader (https://blog.malwarebytes.com/threat-analysis/2017/02/new-neutrino-bot-comes-in-a-protective-loader/):… https://t.co/lqj9bglvPF
"Recent variants of the Neutrino Bot malware have added checks for virtual-machine environments: https://blog.malwarebytes.com/threat-analysis/2017/02/new-neutrino-bot-comes-in-a-protective-loader/"
-
[ MalwareAnalysis ] EquationDrug rootkit analysis (mstcp32.sys) http://artemonsecurity.blogspot.com/2017/03/equationdrug-rootkit-analysis-mstcp32sys.html #rootkit #injector #equationgroup #fiveeyes #cyberespionage
"Analysis of the Equation Group's mstcp32.sys rootkit: https://t.co/ArvCgJdmCH"
-
[ Tools ] NCC Group Tool: Auto Chrome - https://github.com/nccgroup/autochrome - downloads, installs, and configures a shiny new copy of Chromium on Mac and Linux
"autochrome - an open source Chrome auto-configuration tool from NCC Group for easier testing; it disables the XSS Auditor and integrates with Burp: https://github.com/nccgroup/autochrome"
-
[ Windows ] New blog post: 0patching the "Immortal" CVE-2017-7269 https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html
"The 0patch team has written a temporary patch for the IIS 6.0/WebDAV vulnerability CVE-2017-7269: https://t.co/d95miEJ7Qm"
-
[ Windows ] Windows 10 Redstone 1/2 UAC changes, http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643&start=130#p30191 https://t.co/4jruiEEhvm
"Changes to the UAC mechanism in Windows 10 RS1/RS2; RS2 is due for release on April 11: https://t.co/2dlyJf9knl https://t.co/4jruiEEhvm"
-
[ Windows ] Low IL to System by Leaking Process _THREADINFO structure using GDI/Bitmaps. https://github.com/Cn33liz/HSEVD-ArbitraryOverwriteLowIL/blob/master/HS-ArbitraryOverwriteGDI/HS-ArbitraryOverwriteGDI.c @NicoEconomou… https://t.co/sGj0Hjxf2k
"Using GDI/Bitmaps, a Low IL process can leak the process _THREADINFO structure: https://t.co/sGj0Hjxf2k"
-
[ Network ] A survey of random-subdomain DDoS attacks against DNS: https://www.dropbox.com/s/rzagsxhb3y5e87a/PSC2017-nominum-hongliang-liu-chinese.pdf?dl=0
-
[ Windows ] How to bypass the systemsetting and registry verification on Win8/Win10 to set the default browser: http://www.freebuf.com/articles/system/130288.html