每日安全动态推送(09-08)

2017-09-08 11:47:08 Admin 腾讯玄武实验室

Xuanwu Lab Security Daily News


  • [ Android ]  TrendMicro 发现通过恶意 GIF 能够致使 Android Messages 应用崩溃(cve-2017-0780): 

    http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-0780-denial-service-vulnerability-android-messages-app/


  • [ Android ]   Paloalto 研究员对 Android Toast Overlay 攻击的分析,OS 版本在 8.0 以下均受影响 : 

    https://researchcenter.paloaltonetworks.com/2017/09/unit42-android-toast-overlay-attack-cloak-and-dagger-with-no-permissions/


  • [ Exploit ]  Python 反序列化漏洞利用: 

    https://crowdshield.com/blog.php?name=exploiting-python-deserialization-vulnerabilities


  • [ IoTDevice ]   攻击嵌入式设备与网络协议,来自 zer0con 大会 :https://pierrekim.github.io/advisories/z0-Owning_embedded_devices_and_network_protocols-redacted.pdf


  • [ Linux ]   Linux 4.13 发布后,本篇文章作者对新版本中 SELinux 与审计功能的改变做了简短总结: 

    http://www.paul-moore.com/blog/d/2017/09/linux-v413.html


  • [ macOS ]  Source for macOS 10.12.5 and 10.12.6:https://opensource.apple.com/release/macos-10125.htmlhttps://opensource.apple.com/release/macos-10126.html


  • [ Malware ]  银行恶意软件 EMOTET 再次回归,通过垃圾邮件僵尸网络开始传播:http://blog.trendmicro.com/trendlabs-security-intelligence/emotet-returns-starts-spreading-via-spam-botnet/


  • [ Others ]   优化 Web 服务器,实现高吞吐量与低延迟:https://blogs.dropbox.com/tech/2017/09/optimizing-web-servers-for-high-throughput-and-low-latency/


  • [ SecurityProduct ]  Palo Alto Networks PAN-OS 存在 XXE 漏洞,可导致信息泄露、拒绝服务以及SSRF漏洞(CVE-2017-9458): 

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9458


  • [ Tools ]  SymGDB - 一款基于 Triton 的 GDB 符号执行插件:https://github.com/SQLab/symgdb https://hitcon.org/2017/CMT/slide-files/d2_s1_r0.pdf


  • [ Tools ]   DKMC - 将 Payload 放到图片中实现免杀效果的工具: 

    https://github.com/Mr-Un1k0d3r/DKMC


  • [ Vulnerability ]  Uber Bug Bounty: 越权访问 Uber 公司内部聊天系统:http://blog.mish.re/index.php/2017/09/06/uber-bug-bounty-gaining-access-to-an-internal-chat-system/


  • [ Windows ]  Windows 内核驱动漏洞利用系列 Part 1: 

    https://glennmcgui.re/introduction-to-windows-kernel-exploitation-pt-1/


  • [ Windows ]  Mitigating The Unkn0wn,when your SMB exploit fails,来自 HitconCommunity 2017: 

    https://github.com/Microsoft/MSRC-Security-Research/blob/master/presentations/2017_08_HitconCommunity/HitconCommunity17_Joly_Mitigating_The_Unkn0wn.pdf


  • [ WirelessSecurity ]  无线后渗透的艺术:利用间接无线转发绕过基于端口的访问控制策略 :https://github.com/GDSSecurity/Whitepapers/blob/master/GDS%20Labs%20-%20The%20Black%20Art%20of%20Wireless%20Post%20Exploitation%20-%20Bypassing%20Port%20Based%20Access%20Controls%20Using%20Indirect%20Wireless%20Pivots.pdf


  • [ IoTDevice ]  D-Link 路由器信息泄露和远程命令执行漏洞分析及全球数据分析报告 : 

    https://paper.seebug.org/385/


  • [ Vulnerability ]  S2-052漏洞分析及官方缓解措施无效验证: 

    https://paper.seebug.org/384/


  • [ WirelessSecurity ]  如何远程控制别人的无线鼠标:深度揭露鼠标劫持内幕: 

    http://bobao.360.cn/learning/detail/4366.html


  • [ Industry News ]  ShadowBrokers 又搞事!每月支付 400 万美元,多获得两份新泄露的文件,你会买吗?: 

    https://mp.weixin.qq.com/s/8cVaqoSLy733-sEqK01zhg


  • [ Windows ]  Windows内核bug阻止安全软件识别恶意软件: 

    http://bobao.360.cn/news/detail/4296.html


  • [ Attack ]  所有语音助手都存漏洞 浙江大学发现DolphinAttack攻击手段: 

    http://www.cnbeta.com/articles/tech/649271.htm paper: https://endchan.xyz/.media/50cf379143925a3926298f881d3c19ab-applicationpdf.pdf


* 搜索历史推送,请用 Google 以 site 关键词限定搜索,如: site:xuanwulab.github.io android fuzz

* 按天查看历史推送内容: https://xuanwulab.github.io/cn/secnews/2017/09/08/index.html

* 新浪微博账号: 腾讯玄武实验室(http://weibo.com/xuanwulab)