腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Security Activity Blog : Hack Android Application Through Exposed Component... http://anandsecurity.blogspot.com/2017/04/hack-android-application-through.html?spref=tw
" 通过暴露的组件攻击安卓应用: https://t.co/idWg5mtv4t"
-
[ Industry News ] Input validation, XSS, Java deserialization bugs patched in #ColdFusion. https://threatpost.com/coldfusion-hotfix-resolves-xss-java-deserialization-bugs/125196/ via @ threatpost
"Adobe 昨日发布的 ColdFusion 重要安全补丁修复了其输入验证漏洞(CVE-2017-3008)与 Java 反序列化洞(CVE-2017-2066): https://t.co/XAMnFKdhbi"
-
[ iOS ] 9 Steps To Bypass iCloud Activation Lock On iPhone For Free - https://pangujailbreak.com/bypass-icloud-free/ https://t.co/iSepamayyH
"9 步实现 Bypass iCloud 激活锁: https://t.co/FpAbi84mLn "
-
[ Linux ] Tasty remote heap overflow in Linux. https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
"Linux 内核刚刚修复了一个 skb_to_sgvec 中的堆溢出漏洞: https://t.co/yrd7eYNMsM"
-
[ Linux ] Latest Kali Linux updates and 2017.1 release announcement - http://offs.ec/2q1IjSP Get your ISO, VM and ARM images while they're hot!
"Kali Linux 发布 2017.1 版本: https://t.co/8aoEpmXvFs "
-
[ MalwareAnalysis ] #Hajime, the mysterious evolving IoT botnet https://securelist.com/blog/research/78160/hajime-the-mysterious-evolving-botnet/ https://t.co/s9z0hwlxPy
"卡巴斯基实验室对 IoT 蠕虫 Hajime 的分析以及其影响范围的统计: https://t.co/oIsPjOIK07 https://t.co/s9z0hwlxPy"
-
[ Mobile ] [CVE-2017-5625] #OnePlus 3/3T #OxygenOS Unauthorized Flash Dumping via fastboot #Vulnerability https://alephsecurity.com/vulns/aleph-2017006
"OnePlus(一加手机)3/3T fastboot Flash Dump 漏洞,影响 OxygenOS 4.0.2 及之前版本: https://t.co/rmFjlTe7u1"
-
[ Mobile ] Mobile Security News Update April 2017 https://www.mulliner.org/blog/blosxom.cgi/security/mobile_security_news_update_april_2017.html #flexispy #android sooo many slides
"4 月移动安全方向的动态总结: https://t.co/9Uxds51q3O #"
-
[ Others ] @ matrosov Huffman tables for ME 11 still unknown, but we working on it ;) BTW, slides: https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf
"Intel ME 的静态分析(PPT)︰ https://t.co/jcSrQ4zjsM"
-
[ Others ] [papers] nt!_SEP_TOKEN_PRIVILEGES - Single Write EoP Protect http://www.exploit-db.com/docs/41924.pdf?rss
"nt!_SEP_TOKEN_PRIVILEGES - Single Write EoP Protect,nt!_SEP_TOKEN_PRIVILEGES 与内核提权: https://t.co/3gpaGrhAFe"
-
[ Others ] Hijacking Bitcoin: Routing Attacks on Cryptocurrencies https://btc-hijack.ethz.ch/files/btc_hijack.pdf
"比特币劫持之针对加密货币的路由攻击(paper): https://t.co/WtcmQWFuMR"
-
[ SecurityReport ] Nice overview of last couple of years of Pawn Storm/Sofacy/Sednit/STRONTIUM/APT28/Fancy Bear (phew!) APT activities https://t.co/tL1cje8wfi
"Two Years of Pawn Storm: https://t.co/tL1cje8wfi"
-
[ Tools ] A TCP proxy over named pipes for maintaining a #meterpreter session over 445 for less network alarms #smb - https://t.co/hzjypYLTjG #pentest
" flatpipes - 基于命名管道实现的 TCP 代理,通过445端口通信: https://t.co/hzjypYLTjG "
-
[ Tools ] The #shadowbrokers #DANDERSPRITZ #PEDDLECHEAP implant reversed & analyzed with detection advice here https://t.co/iJmPfDfD9h #threathunting
"方程式泄露的文件中有一个类似 Meterpreter 的植入工具 - PEDDLECHEAP: https://t.co/iJmPfDfD9h "
-
[ Virtualization ] Hyundai Patches Leaky Blue Link Mobile App https://threatpost.com/hyundai-patches-leaky-blue-link-mobile-app/125182/
"现代汽车的手机应用 Blue Link 修复了一个隐私数据泄露的漏洞: https://t.co/zbPQLQ4OKx"
-
[ Windows ] Exploit heads! New blog from @matspisak of @EndgameInc on bypassing MS CFG in Edge using modern code-reuse attacks. https://t.co/lIJ3Erv1xQ
"利用高级代码复用攻击 - COOP(伪造的面向对象编程)方式 Bypass CFG: https://t.co/lIJ3Erv1xQ"
-
[ Windows ] Privilege escalation in HP, Philips and Fujitsu bloatware (Portrait Displays SDK) http://blog.sec-consult.com/2017/04/what-unites-hp-philips-and-fujitsu-one.html
"集齐惠普、飞利浦、富士通能做什么?数百万设备预装软件 Bloatware 的 Windows 服务提权漏洞: https://t.co/jNlL8B7FXe "
-
Xuanwu Spider via blog.zimperium.com [ Android ] Zimperium 昨天突然公开了两个 Android 驱动提权漏洞的细节和 Exploit,漏洞分别来自 NVIDIA 视频驱动和 MSM Thermal 驱动,这些 Exploits 来自它的 N-Days Exploit 收购项目: https://blog.zimperium.com/nday-2017-0102-elevation-of-privilege-vulnerability-in-nvidia-video-driver/ https://blog.zimperium.com/nday-2017-0105-elevation-of-privilege-vulnerability-in-msm-thermal-driver/
-
Xuanwu Spider via 百度安全实验室
[ APT ] APT攻击利器-Word漏洞CVE-2016-7193原理揭秘: https://mp.weixin.qq.com/s?__biz=MzA3NTQ3ODI0NA==&mid=2247483791&idx=1&sn=78858dc62d56bef962df9cc106b50a8b&chksm=9f6ea404a8192d12605c8537ed11c374b4466ab845dc6e1fcba2bd7fb41f9215c33758eccc3e
-
Xuanwu Spider via 看雪
[ IoTDevice ] HG533 路由器分析教程之五 固件漏洞挖掘,前面还有几篇,见文末链接: https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458282682&idx=2&sn=5b160b113667a675001dbb875bba0f3f&chksm=b1815a3086f6d3262c0b8bbe6a971d1582fbf7b7bc514aa2a70ffe3131eb05d89eab651b34dc&mpshare=1&scene=23&srcid=04266Qamv6VgoNwI2LbCC2oq#rd
-
Xuanwu Spider via 0xcc0xcd.com
[ Mobile ] 手把手教你手机编译 ROM,让自己的手机运行自己编译的 ROM(视频): http://0xcc0xcd.com/p/videos/build-your-own-rom.php
-
Xuanwu Spider via media.ccc.de
[ Mobile ] 关注 GSM/移动网络安全的 OsmoCon 2017 会议的视频资料公开了: https://media.ccc.de/c/osmocon17
-
Xuanwu Spider via 火绒安全
[ Others ] 游戏外挂网站暗藏病毒——盗号、锁首等数种危害并举: https://mp.weixin.qq.com/s?__biz=MzIxMjU1MDQ3OQ==&mid=2247483906&idx=1&sn=d9d0c81cb587af52cdd369bcc16994fe&chksm=97451422a0329d349731348221ac2bcc719dcb42d276357d3e846ad7bb82c7e3a76af9883212&mpshare=1&scene=23&srcid=0426QUK9CNvOFa3g1KN8jzPZ#rd
-
Xuanwu Spider via 启明星辰
[ Tools ] Wikileaks公布的CIA“Marble”框架分析: https://mp.weixin.qq.com/s?__biz=MzAwNTI1NDI3MQ==&mid=2649612204&idx=1&sn=d05624a73eefd7c6bfa674b22e812e4d&chksm=830602bcb4718baab293b75c598eb32fee653404eeaffd8b60f59d7d944bd283e01453c5243a&mpshare=1&scene=23&srcid=042658zyrElHBz1TOxV2gN4X#rd
-
Xuanwu Spider via Solidot
[ Vulnerability ] 德国的研究人员检查了 GitHub 上 6.4 万多个项目的 PHP 代码,发现了 117 个与有缺陷的在线教程相关的漏洞: http://www.solidot.org/story?sid=52157