腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2017/08/29

[ Android ] Android WireX DDOS BOTNET 在几家公司的合作下被消灭了： https://threatpost.com/mobile-wirex-ddos-botnet-neutralized-by-collaboration-of-competitors/127680/
[ Challenges ] ZDI 公开了 Mobile Pwn2Own 比赛的攻击目标和对应奖金情况，手机有四款，包括 Google Pixel、三星 S8、iPhone 7 和华为 Mate9 Pro： https://www.zerodayinitiative.com/blog/2017/8/24/mobile-pwn2own-2017-returns-to-tokyo
[ Firmware ] 利用未文档化的 PCH Trap 切换到特殊模式，禁用 Intel ME 11： http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
[ MalwareAnalysis ] 趋势科技对安卓端勒索软件威胁分析: http://blog.trendmicro.com/trendlabs-security-intelligence/android-mobile-ransomware-evolution/
[ Mobile ] Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution，这篇 Paper 提出了一种针对可信执行环境的基于页表的攻击： https://argp.github.io/public/b81efa3a4c5826fa441852bd63a402c6.pdf
[ Others ] 微软 PE 二进制文件证书签名机制的细节： http://www.exploit-monday.com/2017/08/application-of-authenticode-signatures.html
[ Tools ] WinDBG 调试器发布了一个新版本的预览版，界面有非常大的改动： https://blogs.msdn.microsoft.com/windbg/2017/08/28/new-windbg-available-in-preview/
[ Tools ] 后渗透阶段攻击框架 Empire 更新 2.1 版本： https://github.com/EmpireProject/Empire/blob/master/changelog

[ Challenges ] HITB GSEC 2017: babyqemu Writeup ： https://kitctf.de/writeups/hitb2017/babyqemu
[ Conference ] 9 月 13 号在英国举办的 44CON 会议的日程和议题列表公开了： https://44con2017.sched.com/
[ Linux ] eLux Linux 本地提权漏洞详情（CVE-2017-7977）： https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/delux-edition-getting-root-privileges-on-the-elux-thin-client-os/
[ Others ] iBoot 漏洞利用相关的资料： https://twitter.com/mobilesecurity_/status/901474078992855041
[ Tools ] 【知识库】Dependency-check依赖检查工具： https://mp.weixin.qq.com/s/j37Y1rpQphFFSoAtbzSnMQ
[ Tools ] Software-Security-Learning： https://github.com/CHYbeta/Software-Security-Learning
[ Tools ] Red-Team-Infrastructure-Wiki: 红队基础设施加固相关的资源收集： https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki/blob/master/README.md
[ Tools ] WINspect - 基于 Powershell 实现的 Windows 安全审计工具： http://www.kitploit.com/2017/08/winspect-powershell-based-windows.html?m=1
[ Tools ] rattler: 寻找可用于 DLL 预加载攻击的 DLL 的自动化工具： https://sensepost.com/blog/2016/rattleridentifying-and-exploiting-dll-preloading-vulnerabilities/
[ Vulnerability ] BadNets：识别机器学习模型供应链中的漏洞（Paper）： https://arxiv.org/pdf/1708.06733v1.pdf
[ Vulnerability ] 使用 Flash 实现对 Json CSRF 漏洞的利用： http://www.geekboy.ninja/blog/exploiting-json-cross-site-request-forgery-csrf-using-flash/
[ Windows ] 利用 xwizard.exe 加载 DLL： https://3gstudent.github.io/3gstudent.github.io/Use-xwizard.exe-to-load-dll/

2017/08/29