
Tencent Xuanwu Lab Security Daily News
-
[ Firmware ] Attacking the Intel ME engine: compromising a powered-off computer and running unsigned firmware code: http://blog.ptsecurity.com/2018/01/running-unsigned-code-in-intel-me.html
-
[ Hardware ] To fix the "Spectre" CPU vulnerability, Microsoft introduced a new feature in its patch, Kernel Virtual Address Shadow; an in-depth analysis of the feature from the Fortinet team: https://blog.fortinet.com/2018/01/25/a-deep-dive-analysis-of-microsoft-s-kernel-virtual-address-shadow-feature
-
[ Linux ] How to mount an APFS image file on a Linux system: http://az4n6.blogspot.com/2018/01/mounting-apfs-image-in-linux.html
-
[ Malware ] Unit 42 recently discovered a wave of attacks that use popular third-party services (Google+, Pastebin, bit.ly): https://researchcenter.paloaltonetworks.com/2018/01/unit42-the-tophat-campaign-attacks-within-the-middle-east-region-using-popular-third-party-services/
-
[ Malware ] A malvertising campaign abuses Google DoubleClick to deliver cryptocurrency mining scripts: https://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaign-abuses-googles-doubleclick-to-deliver-cryptocurrency-miners/
-
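[ Others ] Microsoft's Background Intelligent Transfer Service (BITS) is increasingly abused by attackers to download files; this article describes how to monitor BITS service activity: https://isc.sans.edu/forums/diary/Investigating+Microsoft+BITS+Activity/23281/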
-
[ SecurityAdvisory ] VMware released a security advisory disclosing multiple vulnerabilities in vRealize Automation, vSphere Integrated Containers and other products (CVE-2017-4947, CVE-2017-4951): https://www.vmware.com/security/advisories/VMSA-2018-0006.html
-
[ Tools ] Macros and session handling in Burp Suite: https://digi.ninja/blog/burp_macros.php
-
[ Tools ] Solving a CTF challenge with QBDI, a dynamic binary instrumentation framework: https://blog.quarkslab.com/slaying-dragons-with-qbdi.html
-
[ Tools ] bettercap-ng - a reimplementation of bettercap: https://github.com/evilsocket/bettercap-ng#cross-compiling
-
[ Vulnerability ] Disclosure of PHP object injection and XSS vulnerabilities in the WordPress Splashing Images plugin (CVE-2018-6194, CVE-2018-6195): http://seclists.org/fulldisclosure/2018/Jan/91