
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Debugging third-party Android Java code on OSX: https://kov4l3nko.github.io/blog/2018-01-20-debugging-thirdparty-android-java-code/
-
[ Browser ] Introduction to the new features in Firefox 58: https://hacks.mozilla.org/2018/01/firefox-58-the-quantum-era-continues/
-
[ Browser ] Chrome 60 SkShader::MakeColorShader uninitialized variable vulnerability (CVE-2017-5102): https://bugs.chromium.org/p/chromium/issues/detail?id=727678
-
[ iOS ] Remounting root as RW on iOS: https://stek29.rocks/2018/01/22/lwvm-mapforio.html
-
[ iOS ] Apple releases the iOS 11.2.5 update: https://support.apple.com/en-us/HT208463
-
[ macOS ] Apple releases the macOS High Sierra 10.13.3 security update: https://support.apple.com/en-us/HT208465
-
[ MalwareAnalysis ] Reverse engineering the FinSpy malware: deobfuscating the FinSpy VM x86 code: http://www.msreverseengineering.com/blog/2018/1/23/a-walk-through-tutorial-with-code-on-statically-unpacking-the-finspy-vm-part-one-x86-deobfuscation
-
[ Mobile ] OWASP releases v1.0 of the Mobile Security Verification Standard: https://twitter.com/mobilesecurity_/status/955896808147955712
-
[ OpenSourceProject ] Applications based on the Git open-source framework Electron have a custom protocol handler vulnerability (CVE-2018-1000006) that can lead to RCE: https://electronjs.org/blog/protocol-handler-fix
-
[ Others ] Kaspersky Lab's research on the security of hardware tokens: https://securelist.com/a-silver-bullet-for-the-attacker/83661/
-
[ Others ] Covertly exfiltrating data with Tor Browser and domain fronting: https://blog.didierstevens.com/2018/01/20/quickpost-data-exfiltration-with-tor-browser-and-domain-fronting
-
[ Pentest ] SAP penetration testing, part 3: the scope of the vulnerability search: https://erpscan.com/press-center/blog/perfect-sap-penetration-testing-part-3-scope-vulnerability-search/
-
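[ Popular Software ] augustine, a third-party web server component for Node.JS, has a directory traversal vulnerability that allows arbitrary files to be requested through a specially crafted GET request: https://hackerone.com/reports/296282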
-
[ Popular Software ] Lack of encryption in the mobile social app Tinder lets attackers spy on user activity: https://www.wired.com/story/tinder-lack-of-encryption-lets-strangers-spy-on-swipes/
-
[ Popular Software ] Details disclosed for XXE and reflected XSS vulnerabilities in Oracle's financial services analytics application (CVE-2018-2660, CVE-2018-2661): http://seclists.org/fulldisclosure/2018/Jan/76
-
[ Programming ] A roundup of .NET learning resources: http://mattwarren.org/2018/01/22/Resources-for-Learning-about-.NET-Internals/
-
[ Tools ] Vegile - a Linux post-exploitation tool for installing persistent backdoors: https://github.com/Screetsec/Vegile
-
[ Tools ] McSema 2.0 released, a tool that translates x86 binaries into LLVM bitcode: https://blog.trailofbits.com/2018/01/23/heavy-lifting-with-mcsema-2-0/
-
[ Tools ] enumdb - a tool that brute-forces MySQL/MSSQL and, on success, automatically extracts sensitive database information: https://github.com/m8r0wn/enumdb
-
[ Windows ] Using NTFS Alternate Data Stream (ADS) to bypass AppLocker: https://bohops.com/2018/01/23/loading-alternate-data-stream-ads-dll-cpl-binaries-to-bypass-applocker/
-
[ Hardware ] Meltdown and Spectre: What about drivers?: https://www.osr.com/blog/2018/01/23/meltdown-spectre-drivers/
-
[ MalwareAnalysis ] The ghost hiding behind a P2P worm network: exploring a new variant of the Dridex worm (removal tool included): https://mp.weixin.qq.com/s/hLneRLsa8NiAnnq9IVgQHA
-
[ Vulnerability ] Analysis of the Smarty <= 3.1.32 code execution vulnerability [CVE-2017-1000480]: https://mp.weixin.qq.com/s/MkXv1wU9qIfyGq4izH2VwQ
-
[ Web Security ] Google Endpoint for CSP Bypass: https://twitter.com/brutelogic/status/955911040721674241
-
[ Windows ] Windows Hypervisor Platform API definitions: https://docs.microsoft.com/en-us/virtualization/api/hypervisor-platform/hypervisor-platform