
腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] ZDI 分析 2017 Top 5 漏洞案例的第五篇:Chakra 引擎 ASM.js 相关的两个 UAF 漏洞的分析(CVE-2017-11812): https://www.zerodayinitiative.com/blog/2017/12/22/a-matching-pair-of-use-after-free-bugs-in-chakra-asmjs
-
[ Industry News ] Nissan Canada Finance 110万用户数据泄漏事件披露: https://threatpost.com/nissan-canada-finance-notifies-1-1-million-of-data-breach/129233/
-
[ MalwareAnalysis ] TrendLab 针对 2017 年勒索软件的回顾: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/2017-ransomware-recap
-
[ Tools ] rsg - 通过多种方式生成反弹 Shell 的工具: https://github.com/mthbernardes/rsg
-
[ Web Security ] 使用 Burp Suite 完成复杂的 Intruder Attacks 操作: https://www.trustedsec.com/2017/12/complex-intruder-attacks-burp/