腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2017/05/09

Daniel Bilar @daniel_bilar

[ Hardware ] #Rowhammer bitflips as PUF http://www.seceng.informatik.tu-darmstadt.de/people/schaller/rowhammer-puf [intrinsic DRAM, boot & rt; code http://caslab.csl.yale.edu/code/rowhammerpuf/RHPUFcode-2017-04-28.tar.gz ; see… https://t.co/XxTjJPNuWL

" RowHammer 在物理设备识别、设备指纹方面的应用（paper）： http://www.seceng.informatik.tu-darmstadt.de/assets/schaller-2/rowhammer-puf/rowhammer-puf.pdf code： http://caslab.csl.yale.edu/code/rowhammerpuf/RHPUFcode-2017-04-28.tar.gz "
ZDNet @ZDNet

[ Industry News ] Shodan can now find malware command and control servers http://zd.net/2pWlJvm https://t.co/3OUDChsv7f

" Shodan 开始提供 C&C 服务器搜索的服务： http://www.zdnet.com/article/shodan-can-now-find-malware-command-and-control-servers/?ftag=COS-05-10aaa0g&utm_campaign=trueAnthem:+Trending+Content&utm_content=590fd95604d3017a68c5d489&utm_medium=trueAnthem&utm_source=twitter "
Threatpost @threatpost

[ IoTDevice ] Hikvision patches backdoor in IP cameras - http://bit.ly/2pUZpnF https://t.co/1kQ0Mp34Qq

" 海康威视发布了网络摄像头设备的后门修复补丁： https://threatpost.com/hikvision-patches-backdoor-in-ip-cameras/125522/ "
Ryan Stortz @withzombies

[ Network ] use computer vision to find deceptive IDNs https://github.com/withzombies/deceptiveidn

" 利用计算机视觉技术检测钓鱼中常用的 IDN（支持国际化的域名体系）： https://github.com/trailofbits/deceptiveidn "
Mark Russinovich @markrussinovich

[ Others ] FPGAs for Dummies: https://www.altera.com/content/dam/altera-www/global/en_US/pdfs/literature/misc/fpgas_for_dummies_ebook.pdf

" 《FPGAs for Dummies》电子书： https://www.altera.com/content/dam/altera-www/global/en_US/pdfs/literature/misc/fpgas_for_dummies_ebook.pdf "
Nicolas Krassas @Dinosn

[ Popular Software ] Unitrends Vulnerability Hunting: Remote Code Execution (CVE-2017-7280) – Chapter 2 https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-2/

" UNITRENDS 远程代码执行漏洞与本地文件包含漏洞分析（CVE-2017-7280）： https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-2/ "
Vex Woo @Nixawk

[ Tools ] Python poc for CVE-2017-5689 Intel AMT - https://github.com/nixawk/labs/blob/master/CVE-2017-5689/CVE-2017-5689.py

" CVE-2017-5689 Intel AMT 提权漏洞 PoC： https://github.com/nixawk/labs/blob/master/CVE-2017-5689/CVE-2017-5689.py "
John Regehr @johnregehr

[ Tools ] Z3str3 String Constraint Solver https://sites.google.com/site/z3strsolver/

" Z3 - Google 开源的约束求解器： https://github.com/z3prover/z3 "
Binni Shah @binitamshah

[ Tools ] Let’s Build A Simple Interpreter (Part 14 ) : Nested Scopes and a Source-to-Source Compiler : https://ruslanspivak.com/lsbasi-part14/

" 一起创建一个解释器 part 14： https://t.co/6km99v4isj "
l33tdawg @l33tdawg

[ Virtualization ] Try Deep Learning in Python now with a fully pre-configured VM - https://medium.com/@ ageitgey/try-deep-learning-in-python-now-with-a-fully-pre-configured-vm-1d97d4c3e9b

" 基于 Python 进行深度学习的 VM 虚拟机： https://medium.com/@ageitgey/try-deep-learning-in-python-now-with-a-fully-pre-configured-vm-1d97d4c3e9b "
Nicolas Krassas @Dinosn

[ Vulnerability ] Vulnerability Spotlight: WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability https://blogs.cisco.com/security/talos/wolfssl-x509-vuln

" Cisco Talos 的研究员发现 WolfSSL 库在解析 X509 证书的文本信息时存在代码执行漏洞（ CVE 2017-2800）： https://blogs.cisco.com/security/talos/wolfssl-x509-vuln "
Nicolas Krassas @Dinosn

[ Vulnerability ] libpcre heap-based buffer overflow write in pcre2test.c https://cxsecurity.com/issue/WLB-2017050049

" perl 正则表达式库 libpcre 存在堆溢出漏洞（CVE-2017-8786）： https://cxsecurity.com/issue/WLB-2017050049 "
Binni Shah @binitamshah

[ Vulnerability ] Abusing Gmail to get previously unlisted e-mail addresses : https://blog.0day.rocks/abusing-gmail-to-get-previously-unlisted-e-mail-addresses-41544b62b2

" Gmail 存在用户枚举漏洞： https://t.co/kcae4fwwrc "
Nicolas Krassas @Dinosn

[ Vulnerability ] Bypassing OTR Signature Verification to Steal iCloud Keychain Secrets https://medium.com/@ longtermsec/bypassing-otr-signature-verification-to-steal-icloud-keychain-secrets-9e92ab55b605

" 利用 iCloud Keychain Sync OTR 签名验证逻辑的漏洞偷密钥（CVE-2017–2448），作者将要在 BlackHat USA 分享更详细的细节： https://medium.com/@longtermsec/bypassing-otr-signature-verification-to-steal-icloud-keychain-secrets-9e92ab55b605 "
Sean Metcalf @PyroTek3

[ Windows ] Slides from my @ BSidesCharm talk posted on #ActiveDirectory threat hunting: https://adsecurity.org/?p=3621 Video & Slides:… https://t.co/yIFegxJX60

" 活动目录（Active Directory）环境中的威胁检测： https://adsecurity.org/wp-content/uploads/2017/04/2017-BSidesCharm-DetectingtheElusive-ActiveDirectoryThreatHunting-Final.pdf "

XuanwuSpider via android.com

[ Android ] Android 官方更新了漏洞评级（高危/中危/低危）的标准： https://source.android.com/security/overview/updates-resources
XuanwuSpider via google's blog

[ Industry News ] Fuzz 工具 OSS-Fuzz 开源的 5 个月中，被用于测试了 47 个开源项目，发现了超过 1000 个 Bug(264 个潜在漏洞)： https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html
XuanwuSpider via cnBeta

[ Industry News ] Google正秘密开发第三款操作系统 Fuchsia： http://www.cnbeta.com/articles/tech/610387.htm
XuanwuSpider via project zero

[ Virtualization ] Xen: 64bit PV guest breakout via pagetable use-after-type-change(XSA-213)： https://bugs.chromium.org/p/project-zero/issues/detail?id=1231

2017/05/09