腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Firmware ] 用于防护 RootKits,确保启动链安全的 Intel 项目 - Boot Guard: https://github.com/flothrone/bootguard https://www.blackhat.com/docs/asia-17/materials/asia-17-Matrosov-The-UEFI-Firmware-Rootkits-Myths-And-Reality.pdf
-
[ Fuzzing ] Fuzzing Numpy - 用于 Fuzz Python 数值运算库 NumPy 的工具: https://github.com/jaybosamiya/fuzzing-numpy
-
[ Tools ] GSM 数据包分析框架: https://n0where.net/gsm-packets-analysis-framework/
-
[ Tools ] MBRFilter - 一个用于防护 MBR 注入攻击的工具: http://pentestit.com/mbrfilter-protect-mbr-infection/
-
[ Windows ] Windows Ring 0 代码执行的秘密,来自对 Shadow Brokers 泄漏样本的逆向: https://zerosum0x0.blogspot.com/2017/07/puppet-strings-dirty-secret-for-free.html
-
[ Windows ] Windows 16225 版本 SDK 中调试器部分有更新,内置了对脚本的调试功能: https://blogs.msdn.microsoft.com/windbg/2017/06/30/script-debugging-walkthrough/ https://blogs.msdn.microsoft.com/windbg/2017/06/29/debugger-updates-in-the-16225-sdk-preview/
-
-
-
[ Popular Software ] VLC 播放器加载恶意字幕文件导致执行任意代码漏洞分析与 out-of-bounds write poc 实现(CVE-2017-8313,CVE-2017-8312,CVE-2017-8311): http://www.freebuf.com/articles/system/138574.html
-
[ Popular Software ] Dell 系统预装的几款 Dell Precision Optimizer 应用服务软件存在漏洞,成功利用可以实现禁用安全机制、提权:http://blog.talosintelligence.com/2017/06/vulnerability-spotlight-dell-precision.html
-
[ SCADA ] Siemens 修复了影响其工控产品的 Intel AMT 组件的漏洞:https://threatpost.com/siemens-patches-critical-intel-amt-flaw-in-industrial-products/126652/
-