Tencent Xuanwu Lab Security Daily News
-
[ Android ] The fingerprint sensor section of the Android 8.1 Compatibility Definition Document: https://source.android.com/compatibility/8.1/android-8.1-cdd#7_3_10_fingerprint_sensor
-
[ Linux ] LKRG - a loadable Linux kernel runtime guard module that performs kernel integrity checking, detects data tampering, and detects kernel exploitation attempts: https://twitter.com/i/web/status/958398684982661120 http://www.openwall.com/lists/announce/2018/01/29/1 http://www.openwall.com/lkrg/
-
[ MachineLearning ] An open-source implementation of the AlphaGo Zero machine learning algorithm: https://github.com/tensorflow/minigo
-
[ Malware ] A Burp Suite keygen cracking tool downloaded from a forum was found to contain a remote-access trojan: https://0x00sec.org/t/malware-reversing-burpsuite-keygen/5167
-
[ MalwareAnalysis ] Unpacking a malware with libPeConv: https://hshrzd.wordpress.com/2018/01/29/unpacking-a-malware-with-libpeconv-pykspa-case-study/
-
[ MalwareAnalysis ] Malwarebytes' analysis of the GandCrab ransomware distributed by the RIG and GrandSoft exploit kits: https://blog.malwarebytes.com/threat-analysis/2018/01/gandcrab-ransomware-distributed-by-rig-and-grandsoft-exploit-kits/
-
[ MalwareAnalysis ] Analysis report on a phishing campaign targeting the Tibetan community: https://citizenlab.ca/2018/01/spying-on-a-budget-inside-a-phishing-operation-with-targets-in-the-tibetan-community/
-
[ Others ] Strava's heat map can be used to infer the locations and layouts of US and UK military bases: https://steveloughran.blogspot.com/2018/01/advanced-denanonymization-through-strava.html
-
[ Others ] The notorious Lizard Squad hacking group has ties to the author of Mirai; ZingBox has published a detailed analysis: https://www.zingbox.com/wp-content/uploads/2018/01/Lizard-Squad-White-Paper-v7.pdf
-
[ Others ] Jailbreaking the Nintendo Switch console using CVE-2016-4657: https://github.com/iDaN5x/Switcheroo/wiki/Article https://ghostbin.com/paste/2raxy
-
[ Others ] Virtual Breakpoints implemented on top of the x86 MMU: https://arxiv.org/pdf/1801.09250.pdf
-
[ Pentest ] Enumerating remote access policies through GPO: https://labs.mwrinfosecurity.com/blog/enumerating-remote-access-policies-through-gpo/
-
[ SecurityReport ] How Google fought bad apps and malicious developers in 2017, from the Android Developers Blog; by its count, more than 700,000 apps were removed from Google Play in 2017, 70% more than in 2016: https://android-developers.googleblog.com/2018/01/how-we-fought-bad-apps-and-malicious.html
-
[ SecurityReport ] Digital Extortion: A Forward-looking View, Trend Micro's predictions for digital extortion in 2018: https://documents.trendmicro.com/assets/wp-digital-extortion-a-forward-looking-view.pdf
-
[ Tools ] Recaf - an easy-to-use Java bytecode editor based on ObjectWeb ASM: https://github.com/Col-E/Recaf/tree/3599f7a077d1d0f24ce0a1414af3948555185b99
-
[ Tools ] CloudFlair - a tool that uses Internet scan data from Censys to find the origin servers of websites behind CloudFlare: https://github.com/christophetd/CloudFlair
-
[ Tools ] ptf - a penetration testing framework released by TrustedSec: https://github.com/trustedsec/ptf
-
[ Tools ] piVPN - OpenVPN Raspberry Pi installer (check its security yourself before downloading): https://n0where.net/simple-openvpn-raspberry-pi-installer-pivpn
-
[ Vulnerability ] Grim IoT Reaper - 1-day and 0-day vulnerabilities at the service of botnets: https://embedi.com/blog/grim-iot-reaper-1-and-0-day-vulnerabilities-at-the-service-of-botnets/
-
[ Vulnerability ] The encrypted communication the Microsoft Surface Hub wireless keyboard uses to transmit data is flawed and can be replayed: http://seclists.org/fulldisclosure/2018/Jan/97
-
[ Vulnerability ] With fs.protected_hardlinks set to 0, an attacker can abuse systemd-tmpfiles via hard links to gain local privilege escalation (CVE-2018-18078): http://seclists.org/oss-sec/2018/q1/115
-
[ Windows ] How Windows uses hardware-based hardening to improve security, from BlueHatIL18: https://twitter.com/DimitriFourny/status/958104891502850048
-
[ Windows ] Windows Kernel Exploitation Tutorial Part 6: Uninitialized Stack Variable: https://rootkits.xyz/blog/2018/01/kernel-uninitialized-stack-variable/