腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Using @ fridadotre on non-rooted Android devices https://koz.io/using-frida-on-android-without-root/
"非 Root 条件下,如何在 Android 上使用 Frida 框架: https://t.co/8uPgV43Q2Q"
-
[ Browser ] Edge 15 now supports CSP 2 https://wpdev.uservoice.com/forums/257854-microsoft-edge-developer/suggestions/9163354-content-security-policy-level-2
"Microsoft Edge 15 现在开始支持 CSP 2 (Content Security Policy Level 2)了: https://t.co/nwqDv9d3Xg"
-
[ Defend ] Many good points in @carnal0wnage's & @cktricky's "DevOOPS: Attacks And Defenses For DevOps Toolchains"… https://t.co/fi1KgSuXUy
"企业开发运维工具链中的攻与防,150 页的 PPT: https://insomnihack.ch/wp-content/uploads/2017/04/CG-KJ-devoops-2017_22Mar-insomnia.pdf"
-
[ Industry News ] Vendors who have patched #Pwn2Own bugs: Ubuntu, Google, VMware, Adobe Vendors who haven't: Apple and Microsoft #waiting
"PWN2OWN 比赛中涉及到的各厂商的漏洞,大部分已经修复了,就剩 Apple 和微软了..."
-
[ Industry News ] The Mirai botnet is back and includes a Bitcoin Mining component http://securityaffairs.co/wordpress/57942/malware/mirai-botnet-bitcoin.html
"Mirai 僵尸网络也准备挖比特币了: https://t.co/rZc2n5z4oJ"
-
[ Operating System ] Solaris 7 - 11 (x86 & SPARC) dtappgather exploit & vulnerability details (used by EXTREMEPARR) https://github.com/HackerFantastic/Public/blob/master/exploits/dtappgather-poc.sh
"Solaris 7 - 11 (x86 & SPARC) 本地 Root Exploit: https://t.co/QSijUxTW3b"
-
[ Others ] A Malware Analyst's Guide to Bitcoin https://sentinelone.com/blogs/malware-analyst-guide-bitcoin/
"恶意软件研究员也需要了解一些比特币的知识: https://t.co/NEA73Kg5NE"
-
[ Others ] Interesting research: Identifying HTTPS-Protected Netflix Videos in Real-Time http://www.mjkranch.com/docs/CODASPY17_Kranch_Reed_IdentifyingHTTPSNetflix.pdf [PDF]… https://t.co/Jouj99Cvoj
"昨天推送了一篇关于远程泄露用户所观看 Netflix、Youtube 视频信息的 Paper,今天又有一篇,这篇是通过被动状态下的流量嗅探的方式实时发现用户所看的 HTTPS Netflix 视频源: https://t.co/vRZmwU7Qpc "
-
[ Popular Software ] Analysis of a CVE-2017-0199 Malicious RTF Document http://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document
" Nviso 从实际恶意样本分析昨天修复的 Office 0Day 漏洞(CVE-2017-0199) https://t.co/aq1mzX0fwQ "
-
[ Popular Software ] Unitrends Bug Hunting: Remote Code Execution (CVE-2017-7280) - Part 1 https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/
"Unitrends (企业备份软件) 远程代码执行漏洞分析(CVE-2017-7280): https://t.co/DjXTDoD411"
-
[ Popular Software ] #PenTesting #Skype for Business: Exploiting the Missing #Lync: @domchell via MDSec #cybersecurity https://t.co/eesKKDyTNb
"攻击商业版 Skype,获取域管理凭据: https://t.co/eesKKDyTNb "
-
[ Tools ] Botox is a great tool from @devttyS0 which uses Keystone to statically-inject SIGSTOP to entry point of ELF file! https://t.co/FNnQcG8Oqw
"Botox - 基于 Keystone 向 ELF 入口点注入 SIGSTOP 指令的工具: https://t.co/FNnQcG8Oqw"
-
[ Vulnerability ] Nintendo: 3DS DNS Client Resolver Library Uses Predictable TXID https://bugs.chromium.org/p/project-zero/issues/detail?id=1089
"Nintendo: 3DS DNS Client 在 DNS 查询时使用可预测的 TXID,之前 Windows 也出过类似的漏洞(MS08-020): https://t.co/Lxl4H22Ot2"
-
[ Windows ] Windows 10 Creators Update: What’s new in Bash/WSL & Windows Console - https://blogs.msdn.microsoft.com/commandline/2017/04/11/windows-10-creators-update-whats-new-in-bashwsl-windows-console/
"Windows 10 Creators 正式发布了,其中的 Linux 子系统有什么变化?支持的工具多了,兼容性提升了,和 Windows 子系统的互操作性也增强了: https://t.co/juwbcYGmdV"
-
[ Windows ] If you're attending my #HITB2017AMS workshop on Friday set up a 32 bit Win10 AU (or CU) VM and grab toolset from https://github.com/tyranid/windows-logical-eop-workshop/releases/tag/HITB-AMS-2017
"James Forshaw 公开了一些 Windows 逻辑类本地提权漏洞示例代码: https://t.co/11PxlI2tNC"
-
[ WirelessSecurity ] LimeSDR Getting Started Quickly | LimeSDR上手指南 @ LimeSDR_org #LimeSDR #SDR #GNURadio 、 http://bobao.360.cn/learning/detail/3721.html… https://twitter.com/i/web/status/852131783697190912
"LimeSDR Getting Started Quickly LimeSDR 上手指南: http://bobao.360.cn/learning/detail/3721.html"
-
Xuanwu Spider via speakerdeck.com[ Attack ] A beat of security, with the Elastic Stack - 从猜密码到利用漏洞攻破内网: https://speakerdeck.com/monicasarbu/a-beat-of-security-with-the-elastic-stack
-
Xuanwu Spider via blogs.windows.com
[ Browser ] 之前 IE 11 中虽然禁用了 VBScript,但因为兼容性,仍然可以通过网页兼容模式打开下启用。而这次更新,增加了一个完全禁用的选项: https://blogs.windows.com/msedgedev/2017/04/12/disabling-vbscript-execution-in-internet-explorer-11/#IqqfLpJt5v8Th67x.97
-
Xuanwu Spider via tripwire.com
[ Industry News ] Microsoft 宣布结束对 Windows Vista 的支持: https://www.tripwire.com/state-of-security/latest-security-news/microsoft-says-long-windows-vista/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tripwire-state-of-security+%28The+State+of+Security+%7C+Tripwire%2C+Inc.%29
-
Xuanwu Spider via resources.infosecinstitute.com
[ MalwareAnalysis ] IoT Botnet 日益增多,本篇文章分析了几个最近发现的在野 IoT Botnet: http://resources.infosecinstitute.com/rise-iot-botnet-beyond-mirai-bot/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+infosecResources+%28InfoSec+Resources%29
-
Xuanwu Spider via fulldisclosure
[ Popular Software ] Proxifier for Mac <= 2.18(CVE-2017-7643)本地 Root 提权: http://seclists.org/fulldisclosure/2017/Apr/64?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29 Proxifier for Mac 2.19 本地 Root 提权 :http://seclists.org/fulldisclosure/2017/Apr/63?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29