
Tencent Xuanwu Lab Security Daily News
-
[ Android ] The security improvements made in Android Oreo, from the official Android blog: https://android-developers.googleblog.com/2017/12/double-stuffed-security-in-android-oreo.html
-
[ Browser ] The third post in ZDI's analysis of its Top 5 vulnerability cases of 2017; this one analyzes a 2016 type confusion vulnerability in Apple Safari's handling of the SearchInputType object (ZDI-17-054/CVE-2017-2354): https://www.thezdi.com/blog/2017/12/20/invariantly-exploitable-input-an-apple-safari-bug-worth-revisiting
-
[ Browser ] Safari Technology Preview 46 released: https://webkit.org/blog/8042/release-notes-for-safari-technology-preview-46/
-
[ Data Breach ] Data leak at online sales and data analytics company Alteryx exposes information on 123 million US households: https://www.huffingtonpost.com/entry/alteryx-data-breach-123-million-households_us_5a39316ae4b0860bf4ab4e24
-
[ IoTDevice ] A researcher abroad found through reverse engineering that Xiaomi's Yeelight smart bulb secretly records audio in users' homes: https://medium.com/@slinafirinne/yeelight-the-bluetooth-led-bedside-lamp-from-xiaomi-that-spies-on-you-part-one-a651207c70bd
-
[ macOS ] Publicly available free book: Mac OS X and iOS Internals: To the Apple's Core: http://newosxbook.com/MOXiI.pdf
-
[ Malware ] Brazilian banking trojan spreads via CHM help files: https://www.trustwave.com/Resources/SpiderLabs-Blog/CHM-Badness-Delivers-a-Banking-Trojan/
-
[ MalwareAnalysis ] TrendLabs found that CVE-2017-11882 has recently been used to deliver the Loki Infostealer: http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-11882-exploited-deliver-cracked-version-loki-infostealer/
-
[ Popular Software ] VyprVPN for macOS local privilege escalation vulnerability disclosed (CVE-2017-17809): https://github.com/VerSprite/research/blob/master/advisories/VS-2017-007.md
-
[ SecurityReport ] Proofpoint publishes a research report on the Lazarus Group hacking group: https://www.proofpoint.com/sites/default/files/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug.pdf
-
[ Tools ] munin - a tool that extracts valuable information from VirusTotal and other online services based on a hash: https://github.com/Neo23x0/munin
-
[ Tools ] WhatWaf - detect and bypass web application firewalls and protection systems: https://github.com/Ekultek/WhatWaf
-
[ Tools ] DNSExfiltrator - data transfer over DNS requests: https://github.com/Arno0x/DNSExfiltrator
-
[ Virtualization ] Reverse engineering Ethereum Virtual Machine bytecode with the radare2 framework: https://blog.positive.com/reversing-evm-bytecode-with-radare2-ab77247e5e53
-
[ Vulnerability ] Heap buffer overflow in the OpenJPEG library called by Chrome PDFium (CVE-2017-15408): https://bugs.chromium.org/p/chromium/issues/detail?id=762374
-
[ Windows ] Starting with Windows 10 Insider Build 17063, the Unix socket (AF_UNIX) address family can be used between Win32 processes: https://blogs.msdn.microsoft.com/commandline/2017/12/19/af_unix-comes-to-windows/
-
[ Windows ] Information disclosure vulnerability in the Windows kernel caused by a double-write in NtQueryVirtualMemory(MemoryMappedFilenameInformation), from Project Zero: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456
-
[ Windows ] Windows 10 Insider Preview Build 17063 released: https://blogs.windows.com/windowsexperience/2017/12/19/announcing-windows-10-insider-preview-build-17063-pc/
-
[ MalwareAnalysis ] Analysis of BrickerBot mod_plaintext: https://www.trustwave.com/Resources/SpiderLabs-Blog/BrickerBot-mod_plaintext-Analysis/
-
[ Popular Software ] Testing the permission vulnerability in TeamViewer 13.0.5058: https://3gstudent.github.io/3gstudent.github.io/TeamViewer-13.0.5058%E4%B8%AD%E7%9A%84%E6%9D%83%E9%99%90%E6%BC%8F%E6%B4%9E%E6%B5%8B%E8%AF%95/
-
[ Vulnerability ] Finding the Low-Hanging Route - a critical vulnerability (CVE-2017-12262) found in Cisco's Application Policy Infrastructure Controller Enterprise Module (APIC-EM) for SDN networks: https://labs.mwrinfosecurity.com/blog/routing-101/
-
[ Web Security ] An in-depth look at SSRF vulnerabilities and the implementation of an automated attack tool: https://medium.com/@auxy233/the-design-and-implementation-of-ssrf-attack-framework-550e9fda16ea