腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] 理解 V8 字节码: https://medium.com/dailyjs/understanding-v8s-bytecode-317d46c94775
-
[ Browser ] v8 引擎实现了 Type profiling,可在运行时收集类型信息: https://medium.com/fhinkel/runtime-type-information-for-javascript-b134faac3c0a
-
[ Data Breach ] 继 1.43 亿 Equifax 美国用户信息泄漏事件后,Equifax 英国公司确认 40 万英国用户个人信息同遭影响: http://securityaffairs.co/wordpress/63109/data-breach/equifax-data-breach-britons.html
-
[ Tools ] Improved decoder for Burp Suite: https://github.com/nccgroup/Decoder-Improved
-
[ Tools ] macphish - 生成 Office for Mac 宏 Payload 的工具: https://github.com/cldrn/macphish
-
[ Conference ] USENIX 2017 会议的大部分演讲视频都已经公开了: https://www.usenix.org/conference/usenixsecurity17/technical-sessions
-
[ Fuzzing ] 利用 WinAFL 来 fuzz MSXML library : https://symeonp.github.io/2017/09/17/fuzzing-winafl.html
-
[ IoTDevice ] An Introduction to Printer Exploitation #1 : https://0x00sec.org/t/an-introduction-to-printer-exploitation-1/3565
-
-
[ Virtualization ] Wandering through the Shady Corners of VMware Workstation/Fusion: https://comsecuris.com/blog/posts/vmware_vgpu_shader_vulnerabilities/
-
[ Vulnerability ] Xdebug: A Tiny Attack Surface: https://ricterz.me/posts/Xdebug%3A%20A%20Tiny%20Attack%20Surface