Tencent Xuanwu Lab Security Daily News
-
[ Firmware ] Hacking Toshiba Laptops: https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Hacking-Toshiba-Laptops.pdf
-
[ IoTDevice ] The Xiaomi IoT ecosystem from the perspective of IoT device reverse engineering: https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Reversing-IoT-Xiaomi-ecosystem.pdf
-
[ Malware ] Trend Micro detected a new AndroRAT variant that exploits a local privilege-escalation vulnerability to gain root control: https://blog.trendmicro.com/trendlabs-security-intelligence/new-androrat-exploits-dated-permanent-rooting-vulnerability-allows-privilege-escalation/
-
[ MalwareAnalysis ] Analysis of the process injection technique used by the Olympic Destroyer malware that attacked the Olympic Committee: https://www.endgame.com/blog/technical-blog/stopping-olympic-destroyer-new-process-injection-insights
-
[ MalwareAnalysis ] Decoding the encoding schemes commonly used by malware on Pastebin: https://www.ixiacom.com/company/blog/hiding-plain-sight-decoding-malware-pastebin
-
[ Operating System ] Dissecting the QNX operating system: analyzing and breaking the exploit mitigations and pseudo-random number generators of QNX 6/7: https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Dissecting-QNX.pdf
-
[ Operating System ] IPsec in the NetBSD operating system has a remote denial-of-service vulnerability when parsing IPv6-AH packets; a single IPv6 packet is enough to trigger it: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2018-003.txt.asc
-
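[ Others ] Before the New Year we pushed "The PeddleCheap module of the DanderSpritz attack framework released by the Shadow Brokers, from a traffic-analysis perspective"; this article covers the network evasion techniques used by DANDERSPRITZ and DOUBLEPULSAR: https://blogs.forcepoint.com/security-labs/evasions-used-shadow-brokers-tools-danderspritz-and-doublepulsar-part-2-2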
-
[ Others ] "Problem Solving with Algorithms and Data Structures using Python" is now freely available: https://interactivepython.org/runestone/static/pythonds/index.html
-
[ Popular Software ] Kaspersky found that cybercriminals are exploiting a string-reversal vulnerability in the Telegram Windows client to launch attacks: https://securelist.com/zero-day-vulnerability-in-telegram/83800/
-
[ Popular Software ] Two SQL injections exist in dotCMS (CVE-2016-10007, CVE-2016-10008): http://seclists.org/fulldisclosure/2018/Feb/35?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29
-
[ Tools ] respounder - a tool for detecting whether Responder is present on the network: https://github.com/codeexpress/respounder
-
[ Windows ] Attacks against Windows PXE Boot Images: backdoors and password theft: https://blog.netspi.com/attacks-against-windows-pxe-boot-images/