Daily Security News Digest (09-05)

2017-09-05 12:01:43 Admin Tencent Xuanwu Lab

Xuanwu Lab Security Daily News


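  • [ Android ]  Android's official introduction to Keystore, a hardware-backed trusted execution environment service that can be used by the operating system, services, and third-party apps: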

    https://source.android.com/security/keystore/


  • [ Conference ]  Collection of talk videos from BSidesAMS 2017:

    https://www.youtube.com/playlist?list=PLwZycuzv10iLBFwRIWNAR-s4iuuUMRuEB


  • [ macOS ]  How to patch, at runtime, the "object_isClass" method that is missing from the Swift 4 runtime on macOS 10.9:

    https://www.hopperapp.com/blog/?p=219


  • [ Mobile ]  An in-depth analysis of the bootloader attack surface, from KCon2017: https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_7_%E5%90%B4%E4%BF%8A%E8%B1%AA_%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90Bootloader%E6%94%BB%E5%87%BB%E9%9D%A2.pdf


  • [ Mobile ]  A report on practical attacks against VoLTE and VoWiFi, from ERNW: https://www.ernw.de/download/newsletter/ERNW_Whitepaper_60_Practical_Attacks_On_VoLTE_And_VoWiFi_v1.0.pdf


  • [ Others ]  Fifth-generation app hardening: principles, implementation, and application of ARM VMP, from KCon2017: https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_3_%E9%99%88%E6%84%89%E9%91%AB_%E7%AC%AC%E4%BA%94%E4%BB%A3%E5%8A%A0%E5%9B%BA%E6%8A%80%E6%9C%AFARM%20VMP%E5%8E%9F%E7%90%86%E5%AE%9E%E7%8E%B0%E4%B8%8E%E5%BA%94%E7%94%A8.pdf


  • [ Others ]  Mining information from Pastebin with PasteHunter: https://techanarchy.net/2017/09/hunting-pastebin-with-pastehunter/


  • [ Tools ]  An interactive Linux exploit development environment based on GDB and PEDA: http://ropshell.com/peda/Linux_Interactive_Exploit_Development_with_GDB_and_PEDA_Slides.pdf


  • [ Tools ]  A static parsing tool for macOS full-disk image files: https://github.com/ydkhatri/mac_apt


  • [ Windows ]  DLL injection based on SetThreadContext: https://blogs.microsoft.co.il/pavely/2017/09/05/dll-injection-with-setthreadcontext/


  • [ Android ]  An overview of the overall changes in Android 8.0 Oreo: https://arstechnica.com/gadgets/2017/09/android-8-0-oreo-thoroughly-reviewed/


  • [ Conference ]  KCon talk slides released!:

    https://paper.seebug.org/382/


  • [ Browser ]  URL Spoofing with Modern Browser: 

    https://www.math1as.com/index.php/archives/505/


  • [ Mobile ]  Analysis of a case in which telecom traffic hijacking redirected users to download a pornographic app:

    https://www.92ez.com/?action=show&id=23453


  • [ Mobile ]  From a fake base station in your pocket to a real handheld base station, from KCon 2017:

    https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_8_Seeker_%E4%BB%8E%E5%8F%A3%E8%A2%8B%E9%87%8C%E7%9A%84%E4%BC%AA%E5%9F%BA%E7%AB%99%E5%88%B0%E6%89%8B%E6%8C%81%E7%9A%84%E7%9C%9F%E5%9F%BA%E7%AB%99.pdf


  • [ IoTDevice ]  Blue picking – Hacking Bluetooth smart locks, from the HITB conference: https://conference.hitb.org/hitbsecconf2017ams/materials/D2T3%20-%20Slawomir%20Jasek%20-%20Blue%20Picking%20-%20Hacking%20Bluetooth%20Smart%20Locks.pdf


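  • [ Vulnerability ]  Lenovo has recently fixed an input-validation SMM privilege escalation vulnerability in a BIOS SMI handler (CVE-2017-3753), affecting multiple desktop and workstation models: https://support.lenovo.com/us/zh/product_security/len-14695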


  • [ Linux ]  KTLS: Linux Kernel Transport Layer Security, a secure socket layer inside the kernel; this feature has been enabled in Linux kernel 4.13:

    https://netdevconf.org/1.2/papers/ktls.pdf


  • [ Virtualization ]  Exploring the application of virtualization technology to vulnerability detection, from KCon 2017:

    https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_4_%E4%BB%99%E6%9E%9C_%E6%8E%A2%E7%B4%A2%E8%99%9A%E6%8B%9F%E5%8C%96%E6%8A%80%E6%9C%AF%E5%9C%A8%E6%BC%8F%E6%B4%9E%E6%A3%80%E6%B5%8B%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8.pdf


  • [ IoTDevice ]  Playing with drone attack and defense, from KCon 2017:

    https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0826_9_KEVIN2600_%E7%8E%A9%E8%BD%AC%E6%97%A0%E4%BA%BA%E6%9C%BA%E6%94%BB%E9%98%B2.pdf


  • [ Tools ]  python-adb - a pure-Python implementation of the ADB and Fastboot protocols: https://github.com/google/python-adb


  • [ macOS ]  OS X/iOS Entitlement Database: 

    http://newosxbook.com/ent.jl?ent=&osVer=MacOS13


  • [ Attack ]  Uncovering a phishing attack that stole bitcoin from "yangmao dang" (promotion and bonus hunters):

    http://www.freebuf.com/articles/network/145985.html


* To search past digests, use Google restricted with the site keyword, e.g.: site:xuanwulab.github.io android fuzz

* Browse past digests by day: https://xuanwulab.github.io/cn/secnews/2017/09/05/index.html

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)