
Tencent Xuanwu Lab Security Daily News
-
[ Bug Bounty ] Relaunching Mozilla’s Web Security Bounty Program (RCE critical Sites now $5000) https://blog.mozilla.org/security/2017/05/11/relaunching-web-bug-bounty-program/
" Mozilla has launched a Bug Bounty program targeting the Web platform: https://blog.mozilla.org/security/2017/05/11/relaunching-web-bug-bounty-program/ "
-
[ Industry News ] We discovered a keylogger in a recent HP audio driver package. https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html - CVE-2017-8360
" A keylogger has been found in the Audio Driver package preinstalled by HP; it has been present since at least the end of 2015. The keylogger carries the signature of the audio chip vendor Conexant. Users can check for themselves whether this file exists: C:\Windows\System32\MicTray.exe: https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html "
-
[ MalwareAnalysis ] Password stealing malware - OSX/Proton.B broken down and Reverse engineered : https://www.cybereason.com/labs-proton-b-what-this-mac-malware-actually-does/ cc @0xAmit
" A detailed analysis of Proton, the malware planted in the recent HandBrake compromise: https://www.cybereason.com/labs-proton-b-what-this-mac-malware-actually-does/ "
-
[ Mobile ] OnePlus OTAs: Analysis & Exploitation (CVE-2017-5948, CVE-2017-8850/1, CVE-2016-10370) https://alephsecurity.com/2017/05/11/oneplus-ota/
" Analysis and exploitation of man-in-the-middle hijacking vulnerabilities in OnePlus OTA updates, affecting OnePlus One/X/2/3/3T: https://alephsecurity.com/2017/05/11/oneplus-ota/ "
-
[ Network ] Domain fronting with PoshC2 - https://inyour.network/blog/2017/Domain-Fronting-PoshC2/
" Using the Domain Fronting technique in PoshC2 to hide suspicious traffic: https://inyour.network/blog/2017/Domain-Fronting-PoshC2/ "
-
[ OpenSourceProject ] [blog] [0day] Proving http://Box.com fixed ASLR via ImageMagick uninitialized zlib stream buffer: https://scarybeastsecurity.blogspot.com/2017/05/0day-proving-boxcom-fixed-aslr-via.html
" Using a 0day in ImageMagick's PSD file decoder to verify that the Box.com servers fixed the ASLR issue he had previously reported: https://scarybeastsecurity.blogspot.com/2017/05/0day-proving-boxcom-fixed-aslr-via.html "
-
[ Others ] Security Assessment of OpenVPN http://blog.quarkslab.com/security-assessment-of-openvpn.html
" Security audit report for version 2.4.0 of the open-source project OpenVPN: http://blog.quarkslab.com/security-assessment-of-openvpn.html "
-
[ Others ] How my car insurance exposed my position - https://www.andreascarpino.it/posts/how-my-car-insurance-exposed-my-position.html
" The satellite device my car insurance company gave me is exposing my position in real time: https://www.andreascarpino.it/posts/how-my-car-insurance-exposed-my-position.html "
-
[ Popular Software ] Another day another #RCE #0day - #Vanilla Forums 2.3 -Patch it up #infosec Advisory&PoC #exploit at #Exploit_Box… https://t.co/oIfExshob2
" Analysis and exploitation of an unauthenticated remote code execution vulnerability in Vanilla Forums <= 2.3 (CVE-2016-10033): https://exploitbox.io/vuln/Vanilla-Forums-Exploit-RCE-0day-Remote-Code-Exec-CVE-2016-10033.html "
-
[ Sandbox ] DOM based Angular sandbox escapes http://blog.portswigger.net/2017/05/dom-based-angularjs-sandbox-escapes.html
" DOM-based AngularJS sandbox escapes: http://blog.portswigger.net/2017/05/dom-based-angularjs-sandbox-escapes.html "
-
[ Tools ] Gixy : Nginx Configuration Static Analyzer (prevents security misconfiguration and automate flaw detection) : https://github.com/yandex/gixy
" Gixy - a static analysis tool for Nginx configuration: https://t.co/afq4gb6i9k "
-
[ Tools ] KMSAN (KernelMemorySanitizer) https://github.com/google/kmsan
" kmsan (KernelMemorySanitizer) - a tool open-sourced by Google for detecting uninitialized-memory vulnerabilities in the Linux kernel: https://github.com/google/kmsan "
-
[ Tools ] HexRaysPyTools : An IDAPython framework targeting Hex-Rays and classes/structures : https://github.com/igogo-x86/HexRaysPyTools
" HexRaysPyTools - an IDA plugin that assists in creating class/structure information: https://github.com/igogo-x86/HexRaysPyTools https://github.com/igogo-x86/HexRaysPyTools/blob/master/zeronights_2016.pptx "
-
[ Windows ] Windows 10 HAL’s Heap – Extinction of the "HalpInterruptController" Table Exploitation Technique by @NicoEconomou https://t.co/yG1ss5ho5k
" Starting with the Windows 10 Creators Update, the HalpInterruptController Table exploitation technique based on a fixed address (0xffd00000) is extinct; this address is now randomized: https://labs.bluefrostsecurity.de/blog/2017/05/11/windows-10-hals-heap-extinction-of-the-halpinterruptcontroller-table-exploitation-technique/ "
-
[ Windows ] [New Post] AppLocker Bypass - Script Rules https://pentestlab.blog/2017/05/11/applocker-bypass-regsvr32/ #pentestlab #pentest #regsvr32
" Using Regsvr32 to bypass AppLocker restriction policies: https://pentestlab.blog/2017/05/11/applocker-bypass-regsvr32/ "
-
[ Others ] A technical overview of Microsoft's Azure Cosmos distributed database service: https://azure.microsoft.com/en-us/blog/a-technical-overview-of-azure-cosmos-db/