Daily Security News Digest (09-12)

2017-09-12 11:58:07 Admin Tencent Xuanwu Lab

Xuanwu Lab Security Daily News


  • [ Browser ]  Details from lokihardt on the Windows 10 Chrome libANGLE buffer-overflow bug used for the sandbox escape at Pwn2Own 2016 (PoC attached):

    https://bugs.chromium.org/p/chromium/issues/attachment?aid=227798

    https://bugs.chromium.org/p/chromium/issues/attachment?aid=227802


  • [ Browser ]  WebKit: JSC: Incorrect optimization in BytecodeGenerator::emitGetByVal (CVE-2017-7061), from lokihardt:

    https://bugs.chromium.org/p/project-zero/issues/detail?id=1263


  • [ Browser ]  V8 6.2 has been released; the changes are mainly performance improvements, and the FullCodeGen compiler has been removed:

    https://v8project.blogspot.com.es/2017/09/v8-release-62.html


  • [ Conference ]  Most of the talks from r2con 2017 have been published:

    https://github.com/radareorg/r2con-2017/tree/master/talks


  • [ iOS ]  A look inside Apple Touch ID; the new iPhone models are moving to Face ID: https://medium.com/@fstiehle/demystifying-apples-touch-id-4883d5121b77


  • [ IoTDevice ]  Hacking the Xbox: 

    http://bunniefoo.com/nostarch/HackingTheXbox_Free.pdf


  • [ MachineLearning ]  Awesome Adversarial Machine Learning - a curated list of resources on adversarial machine learning:

    https://github.com/yenchenlin/awesome-adversarial-machine-learning


  • [ MalwareAnalysis ]  Malware classification using a fuzzy hash computed over the control-flow graph (CFG), from r2con:

    https://github.com/radareorg/r2con-2017/blob/master/talks/cfg-fuzzy-hash/Machoke-cfg-based-fuzzy-hash.pdf


  • [ Others ]  Analysis of a compromised WordPress server:

    https://www.codemetrix.net/examining-a-hacked-php-server/ http://t.cn/RpKAmE3


  • [ Pentest ]  Bypassing domain control verification with DNS response spoofing: https://labs.detectify.com/2017/09/11/guest-blog-bypassing-domain-control-verification-with-dns-response-spoofing/


  • [ Pentest ]  Lateral movement using Excel.Application and DCOM: https://posts.specterops.io/lateral-movement-using-excel-application-and-dcom-enigma0x3-on-wordpress-com-d11d56e504dc


  • [ Tools ]  lan-monitor - shows LAN status on a web page based on NMAP scan results: https://github.com/KruDex/lan-monitor


  • [ Tools ]  Siofra - DLL hijacking vulnerability scanner and PE infection tool: https://github.com/falexorr/Siofra


  • [ Windows ]  Network defense built on the Windows Event Forwarding mechanism; we previously also pushed Microsoft's "Use Windows Event Forwarding to help with intrusion detection":

    https://medium.com/@palantir/windows-event-forwarding-for-network-defense-cb208d5ff86f

    https://docs.microsoft.com/en-us/windows/threat-protection/use-windows-event-forwarding-to-assist-in-instrusion-detection


  • [ Windows ]  Last week we pushed "Windows PsSetLoadImageNotifyRoutine Callbacks: the Good, the Bad and the Unclear", which described a bug in PsSetLoadImageNotifyRoutine that causes many antivirus products to receive an incorrect file name for a loaded module, so their detection fails. The author published Part 2 yesterday: https://breakingmalware.com/documentation/windows-pssetloadimagenotifyroutine-callbacks-good-bad-unclear-part-2/


  • [ Industry News ]  Why is North Korea so interested in Bitcoin? From FireEye:

    https://www.fireeye.com/blog/threat-research/2017/09/north-korea-interested-in-bitcoin.html


  • [ Browser ]  Google's brief introduction to Safe Browsing, the technology protecting more than 3 billion devices:

    https://security.googleblog.com/2017/09/safe-browsing-protecting-more-than-3_11.html


  • [ OpenSourceProject ]  Two remote code execution vulnerabilities found in the FreeXL library (CVE-2017-2923, CVE-2017-2924):

    http://blog.talosintelligence.com/2017/09/vulnerability-spotlight-talos-2017.html


  • [ Windows ]  Microsoft's documentation on the Windows Defender Exploit Guard protection mechanisms: https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard


  • [ Tools ]  The Cuckoo Sandbox analysis framework has been updated to version 2.0.4: https://cuckoosandbox.org/blog/cuckoo-sandbox-204


  • [ Web Security ]  The Road To HSTS (HTTP Strict Transport Security):

    https://engineeringblog.yelp.com/2017/09/the-road-to-hsts.html


  • [ SecurityProduct ]  QuickHeal AV crashes on malicious RAR files from 2013: 

    https://bugs.chromium.org/p/project-zero/issues/detail?id=1280&desc=2


  • [ Industry News ]  Chrome's plan to distrust Symantec certificates: https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html


  • [ Tools ]  grsecurity-101-tutorials - beginner tutorials for PaX/Grsecurity: https://github.com/hardenedlinux/grsecurity-101-tutorials




  • [ Industry News ]  According to Check Point researchers, the Linux shell built into Windows 10 could be abused to hide malware:

    https://motherboard.vice.com/en_us/article/xwwexa/windows-10s-built-in-linux-shell-could-be-abused-to-hide-malware-researchers-say


  • [ Windows ]  Secure WCF programming, seen through a vulnerability that had to be patched three times, from Danny_Wei of Tencent Xuanwu Lab:

    http://xlab.tencent.com/cn/2017/09/11/safe-coding-of-wcf-viewed-from-a-longlive-vulnerability/


* To search past digests, use Google with a site: restriction, e.g.: site:xuanwulab.github.io android fuzz

* Browse past digests by day: https://xuanwulab.github.io/cn/secnews/2017/09/12/index.html

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)