腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

x0rz @x0rz

[ Browser ] Mozilla Firefox Memory disclosure in ConvolvePixel (CVE-2017-5465) https://bugs.chromium.org/p/project-zero/issues/detail?id=1185 #vulnerability

" Mozilla Firefox: ConvolvePixel()函数越界访问导致内存泄露（cve-2017-5465）： https://t.co/lZGvU69Pup "
Mobile Security @Mobile_Sec

[ Linux ] How Dirty COW (CVE-2016-5195) works under the hood from the kernel’s perspective: https://chao-tic.github.io/blog/2017/05/24/dirty-cow

" Dirty COW 漏洞以及从内核的角度来深度分析 Dirty COW： https://t.co/HuhK59IBQh "
Nicolas Krassas @Dinosn

[ macOS ] Monitoring HTTPS Traffic of a Single App on OSX https://calebfenton.github.io/2017/05/27/monitoring-https-of-a-single-app-on-osx/

" 如何在 macOS 中监控指定应用的 HTTPS 流量： https://t.co/1IyxK3EPRz单 "
Mobile Security @Mobile_Sec

[ Others ] Great work @ bellis1000 A collection of vulnerable ARM binaries for practicing exploit development https://github.com/Billy-Ellis/Exploit-Challenges

" Exploit-Challenges - ARM v7 逆向练习： https://t.co/0mOIVuJsC0 "
p3nt4 @xP3nt4

[ Tools ] https://github.com/p3nt4/PowerShdll PowerShdll v0.2 is out. Run powershell scripts in rundll32.

" PowerShdll - 借助 rundll32 拉起 PowerShell 的工具： https://t.co/7GfWlCipxApowershdll "