Tencent Xuanwu Lab Security Daily News
-
[ Browser ] How the hash table data structures in V8 v6.3+ store keys: https://v8project.blogspot.com/2018/01/hash-code.html
-
[ Browser ] UAF vulnerability in the V8 engine leading to remote code execution (CVE-2017-15399): https://bugs.chromium.org/p/chromium/issues/detail?id=776677
-
[ Detect ] Writing Yara rules to detect EXE files embedded in OLE objects: https://www.nextron-systems.com/2018/01/22/write-yara-rules-detect-embedded-exe-files-ole-objects/
-
[ Industry News ] Malicious seed-generator website iotaseed.io used to steal 4 million US dollars from the IOTA cryptocurrency website: https://thatoddmailbox.github.io/2018/01/28/iotaseed.html
-
[ IoTDevice ] Getting-started tutorial on IoT device firmware emulation: https://blog.attify.com/getting-started-with-firmware-emulation/
-
[ MachineLearning ] CommanderSong - adversarial perturbation attacks on language recognition: https://arxiv.org/pdf/1801.08535.pdf
-
[ Malware ] Palo Alto researchers found the Quasar RAT and VERMIN malware being used in attacks targeting Ukraine: https://researchcenter.paloaltonetworks.com/2018/01/unit42-vermin-quasar-rat-custom-malware-used-ukraine/
-
[ MalwareAnalysis ] A hacking group uses PoriewSpy to spy on Android users in India; technical analysis from Trend Micro: https://blog.trendmicro.com/trendlabs-security-intelligence/hacking-group-spies-android-users-india-using-poriewspy/
-
[ Others ] Evading static PE machine-learning malware detection models through reinforcement learning: https://arxiv.org/pdf/1801.08917.pdf
-
[ Others ] Setting up a Cisco ASA lab environment, from NCC Group: https://github.com/nccgroup/asatools/blob/master/tutorial.md
-
[ Others ] "Designing Distributed Systems", from Microsoft: https://azure.microsoft.com/en-us/resources/designing-distributed-systems/en-us/
-
[ Popular Software ] DDE attack exploitation: using OneNote and Excel for code execution: https://posts.specterops.io/reviving-dde-using-onenote-and-excel-for-code-execution-d7226864caee
-
[ Popular Software ] Vulnerability analysis and exploitation of VyprVPN for macOS: https://versprite.com/og/exploiting-vypervpn-macos/
-
[ SecurityProduct ] Disclosure of a Cisco ASA remote code execution and denial-of-service vulnerability (CVE-2018-0101): https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
-
[ SecurityProduct ] Using SeTakeOwnershipPrivilege to exploit an arbitrary address write vulnerability in amp.sys, the kernel driver of the System Shield antivirus software (CVE-2018-5701): http://www.greyhathacker.net/?p=1006
-
[ Tools ] JADX - a decompiler from Android Dex bytecode to Java: https://github.com/skylot/jadx
-
[ Tools ] Introduction to ARM exploit development for IoT: https://www.exploit-db.com/docs/english/43906-arm-exploitation-for-iot.pdf
-
[ Tools ] wavecrack - a web interface that calls Hashcat for password cracking: https://github.com/wavestone-cdt/wavecrack
-
[ Tools ] The Metasploit framework has newly integrated the MS17-010 EternalSynergy exploits, which support all versions from Windows 2000 to Windows Server 2016 and are very stable: https://github.com/rapid7/metasploit-framework/pull/9473 https://twitter.com/i/web/status/957938925087182848
-
[ Vulnerability ] Two critical vulnerabilities found in the bluetoothd service of iOS, webOS and tvOS (CVE-2018-4087/CVE-2018-4095): https://blog.zimperium.com/new-crucial-vulnerabilities-apples-bluetoothd-daemon/
-
[ Windows ] DCShadow - the latest attack method in Active Directory domain controller environments: https://blog.alsid.eu/dcshadow-explained-4510f52fc19d
-
[ Windows ] Using S2E with Multi-Path Fault Injection to test common error recovery code in Windows drivers: https://github.com/S2E/docs/blob/master/src/Tutorials/WindowsDrivers/FaultInjection.rst#testing-error-recovery-code
-
[ Popular Software ] Another look at exploitation methods for the WebLogic vulnerability CVE-2017-10271: http://webcache.googleusercontent.com/search?q=cache:sH7j8TF8uOIJ:www.freebuf.com/vuls/160367.html
-