Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android June security bulletin: https://t.co/4qsfV98nyh
-
[ Browser ] WebKit will enable Intelligent Tracking Prevention, which blocks third-party cookie use by default and reduces the risk of users' privacy being tracked: https://t.co/WlymWQvPcq
-
[ Debug ] Anti-debugging techniques explained in detail: https://t.co/GP2kfekf8w
-
[ Industry News ] ShadowFall - while tracking the RIG Exploit Kit, the RSA research team recently discovered a large number of subdomains stolen through the Domain Shadowing technique: https://blogs.rsa.com/shadowfall/
-
[ IoTDevice ] The Starlink in-vehicle system in Subaru cars has security issues that let an attacker access other accounts without authorization: https://t.co/HpymqRM5Vp
-
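[ Mobile ] Qualcomm's TrustZone kernel allows Trustlets to be loaded into QSEE and verifies their signatures at load time, but the implementation on Nexus 6P and Nexus 6 devices lacks a signature revocation mechanism: https://t.co/d1z4QQtxMm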
-
[ Others ] A researcher's statistical analysis of the large number of bot accounts among US President Donald Trump's Twitter followers: https://labsblog.f-secure.com/2017/06/02/why-is-somebody-creating-an-army-of-twitter-bots/ https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_thomas.pdf
-
[ Others ] An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability: http://blog.fortinet.com/2017/06/04/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability
-
[ Others ] Parallels Desktop virtual machine escape: a flaw in the shared folders feature lets the virtual machine write arbitrary files to the host: https://www.exploit-db.com/exploits/42116/
-
[ Programming ] phpinternals - an online book that gives an in-depth analysis of PHP's internal architecture: https://github.com/phpinternalsbook/PHP-Internals-Book
-
[ Tools ] StarFighters - a JavaScript and VBScript based process launcher for the Empire attack framework that does not need to start PowerShell.exe: https://github.com/Cn33liz/StarFighters#a-javascript-and-vbscript-based-empire-launcher---by-cn33liz-2017
-
[ Tools ] Lazydroid - a Bash script that makes it easier to assess Android applications: https://t.co/WVwxDBUHaF
-
[ Tools ] PRET - an introduction to an exploitation toolkit for printers: https://t.co/5llWkCIHXf
-
[ Vulnerability ] NXP i.MX53 chip High Assurance Boot (HABv4) bypass vulnerability: https://github.com/inversepath/usbarmory/blob/master/software/secure_boot/Security_Advisory-Ref_QBVR2017-0001.txt
-
[ Windows ] We previously pushed HackSysExtremeVulnerableDriver, a lab environment for studying Windows drivers; this blog post describes the installation and debugging of HEVD in more detail: https://hshrzd.wordpress.com/2017/06/05/starting-with-windows-kernel-exploitation-part-2/
-
[ Windows ] windows-syscall-table - a collection of Windows kernel system call tables from WinXP SP0 to Win10 RS2 1703: https://t.co/ETulciJIc7
-
[ Windows ] Enumerating the VAD (Virtual Address Descriptors) types in Windows 10: http://rce4fun.blogspot.com/2017/06/exploring-virtual-address-descriptors.html