
Tencent Xuanwu Lab Security Daily News
-
[ Malware ] The slides from my presentation "Wicked #malware persistence methods": https://drive.google.com/file/d/0Bzb5kQFOXkiSVEVMTy12dlhJcW8/view
" Analysis of malware persistence techniques: https://t.co/zt1ODPCQsS "
-
[ Tools ] Updated blogpost! I confirm wanakiwi decryption tool for #WannaCry also works with Windows 7 too! https://blog.comae.io/wannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d
" WanaKiwi - researcher Matt Suiche confirms that Adrien Guinet's method of brute-force searching memory for the WannaCry ransomware's RSA key works, and not only on Windows XP but on Windows 7 as well: https://blog.comae.io/wannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d Github: https://github.com/gentilkiwi/wanakiwi "
-
[ Vulnerability ] [blog] *bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html
" Leaking authentication keys from memory via a JPEG compression out-of-bounds read vulnerability in Yahoo!'s thumbnail server: https://t.co/bfUPeCBtX0 "
-
[ Windows ] Applocker Bypass via Registry Key Manipulation http://contextis.com/resources/blog/applocker-bypass-registry-key-manipulation/
" AppLocker bypass via registry manipulation: https://t.co/6ZWGNalGE5 "
-
[ Windows ] Common weaknesses in your Windows network: Relaying credentials everywhere with ntlmrelayx http://fox-it.com/en/insights/blogs/blog/inside-windows-network https://t.co/EFUouGyzK4
" Fox-IT has released ntlmrelayx, an SMB relay tool that attacks the relaying weakness in the NTLM authentication protocol; with this tool, credentials can be relayed to LDAP, IMAP and MSSQL: https://t.co/bUugr0nQpa "