Daily Security News Digest (10-11)

Xuanwu Lab Security Daily News


  • [ Android ]   Control Flow Integrity (CFI) in the Android kernel:

    https://android-developers.googleblog.com/2018/10/control-flow-integrity-in-android-kernel.html


  • [ Attack ]   Deconstructing fileless attacks into 4 underlying techniques:

    https://blog.minerva-labs.com/deconstructing-fileless-attacks-into-4-underlying-techniques


  • [ Blockchain ]   An overview of blockchain technology:

    https://nvlpubs.nist.gov/nistpubs/ir/2018/NIST.IR.8202.pdf


  • [ Defend ]   How to detect and remove WMI persistence backdoors:

    https://medium.com/threatpunter/detecting-removing-wmi-persistence-60ccbb7dff96


  • [ Forensics ]   A persistence technique that abuses dmcfghost.exe:

    http://www.hexacorn.com/blog/2018/10/10/beyond-good-ol-run-key-part-91/


  • [ Fuzzing ]   Interactive fuzzing of PDF JS engines:

    https://github.com/knownsec/KCon/blob/master/2018/26%E6%97%A5/26%E6%97%A5No.10-PDF%20%20JS%E5%BC%95%E6%93%8E%E4%BA%A4%E4%BA%92%E5%BC%8FFuzzing-%E9%BB%91%E5%93%A5%26swan.pdf


  • [ IoTDevice ]   IoT penetration testing series, Part 1:

    https://www.twelvesec.com/2018/10/10/iot-penetration-testing-part-1/


  • [ Malware ]   Attackers use the Azure Blob storage service as a new vector for phishing scams:

    https://threatpost.com/innovative-phishing-tactic-makes-inroads-using-azure-blob/138183/


  • [ MalwareAnalysis ]   Traffic analysis of a Hancitor malspam campaign distributing the Zeus Panda banking trojan:

    https://www.malware-traffic-analysis.net/2018/10/09/index.html


  • [ Browser ]   Safari Technology Preview 67 released:

    https://webkit.org/blog/8419/release-notes-for-safari-technology-preview-67/


  • [ Tools ]   warp - a tool for creating self-contained binary applications: https://github.com/dgiagio/warp


  • [ Tools ]   bpftrace usage tutorial: https://github.com/iovisor/bpftrace/blob/master/docs/tutorial_one_liners.md


  • [ Tools ]   hassh - a fingerprinting tool for identifying specific SSH client and server implementations: https://github.com/salesforce/hassh


  • [ Tools ]   'Introducing radare2 for humans', an introduction to using radare2: https://github.com/arnaugamez/r2con2018-Introducing_r2_for_humans/blob/master/introducing-radare2-humans.pdf


  • [ Tools ]   keihash.py - parses pcap files and computes the SSH KEIHash: https://blog.didierstevens.com/2018/10/10/keihash-fingerprinting-ssh/


  • [ Tools ]   HEX-RAYS CTREE API scripting for extracting information and automatically renaming functions: http://www.msreverseengineering.com/blog/2018/10/9/hex-rays-ctree-api-scripting-automated-contextual-function-renaming


  • [ Virtualization ]   Microsoft releases the public preview of Azure confidential computing, which protects data in use:

    https://azure.microsoft.com/en-us/blog/protect-data-in-use-with-the-public-preview-of-azure-confidential-computing/


  • [ Vulnerability ]   Siemens ROX II privilege escalation vulnerability disclosed (CVE-2018-13801):

    https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf


  • [ Vulnerability ]   Details of a New Relic insecure direct object reference (IDOR) vulnerability that leaks account information:

    https://jonbottarini.com/2018/10/09/get-as-image-function-pulls-any-insights-nrql-data-from-any-new-relic-account-idor/


  • [ Vulnerability ]   Introduction to the Device Guard/CLM bypass via MSFT_ScriptResource (CVE-2018-8212):

    https://posts.specterops.io/cve-2018-8212-device-guard-clm-bypass-using-msft-scriptresource-b6cc2318e885


  • [ Windows ]   How the Windows 0-day vulnerability (CVE-2018-8453) was caught, with analysis, from Kaspersky:

    https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/


  • [ Windows ]   Microsoft WindowsCodecs.dll SniffAndConvertToWideString information disclosure vulnerability disclosed (CVE-2018-8506):

    https://blog.talosintelligence.com/2018/10/microsoft-windowscodecsdll.html


  • [ WirelessSecurity ]   How to reverse engineer radio communications with open-source SDR devices:

    https://medium.com/@nihal.pasham/rf-reverse-engineering-has-become-trivial-thanks-to-the-opensource-sdr-movement-d1f9216f2f04


  • [ Others ]   Tutorial on streaming Azure AD logs to an Azure event hub:

    https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub


  • [ Tools ]   clrinject - a tool for injecting C# EXE or DLL assemblies into the CLR runtimes and AppDomains of another process:

    https://github.com/jonatan1024/clrinject


  • [ Others ]   Nintendo Switch kernel patching and emulation:

    http://douevenknow.us/post/178903213313/nintendo-switch-kernel-patching-and-emulation


* To search past digests, use Google with the site keyword to restrict the search, e.g.:  site:xuanwulab.github.io android fuzz

* Browse past digests by day:  https://xuanwulab.github.io/cn/secnews/2018/10/11/index.html

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)