Daily Security News Push (05-27)

admin Tencent Xuanwu Lab 2019-05-27
Tencent Security Xuanwu Lab Daily News


• [Conference] TenSec 2019: 
https://keenlab.tencent.com/en/2019/05/24/TenSec-2019/

   ・ The Tencent Security International Technology Summit TenSec 2019 will be held in Shanghai on June 11-12 – Jett


• [Fuzzing, Tools] [PDF] https://arxiv.org/pdf/1905.09532.pdf: 
https://arxiv.org/pdf/1905.09532.pdf

   ・ Paper: "SYNFUZZ: Efficient Concolic Execution via Branch Condition Synthesis" – Jett


• [Attack] Uncovering New Activity By APT10: 
https://blog.ensilo.com/uncovering-new-activity-by-apt10

   ・ The enSilo team's tracking and analysis of APT10's recent attack activity – Jett


• [Conference] YouTube: 
https://www.youtube.com/playlist?list=PLDRL0OXbBArFutTX4o_tO9WX5vaRFaXkN

   ・ Videos from the OPCDE 2019 conference are now public on YouTube – Jett


• Pwning the Nokelock API: 
https://www.pentestpartners.com/security-blog/pwning-the-nokelock-api/

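   ・ A not-so-smart "smart" lock from a Chinese vendor. The article explains how the lock was broken; the vendor's product design has multiple security problems: BLE protocol design, encryption, and network communication. The approach it uses to implement BLE communication with a Python script is worth learning from. – LuYa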


• [Browser] Learning V8 Exploitation from Scratch Through a CTF Challenge: 
https://www.freebuf.com/vuls/203721.html

   ・ This article reproduces, step by step and from a beginner's perspective, the browser vulnerability challenge "oob" from this year's starctf2019 – Jett


• [Tools] zyantific/IDASkins: 
https://github.com/zyantific/IDASkins/releases/tag/v2.1.0

   ・ IDASkins - gives IDA Pro a VSCode-like dark theme – Jett


• [Data Breach] First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records:
https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked-hundreds-of-millions-of-title-insurance-records/

   ・ The website of US insurance giant First American Financial leaked millions of documents related to mortgage transactions – Jett


• [Network] Geographical Path Avoidance in Tor: 
http://www.arkteam.net/?p=4348

   ・ An explanation of the NDSS Symposium 2019 paper "On the Challenges of Geographical Avoidance for Tor" – Jett


• wcventure/FuzzingPaper: 
https://github.com/wcventure/FuzzingPaper

   ・ A curated collection of the latest fuzzing-related papers from academia – R3dF09


• Xyntax/datacon_2019_DNS: 
https://github.com/Xyntax/datacon_2019_DNS

   ・ The DNS-track challenges from the DataCon 2019 big data security analysis competition, along with the first-place solution approach – LW


• [Tools] Introducing Time Travel Debugging for Visual Studio Enterprise 2019 | The Visual Studio Blog: 
https://devblogs.microsoft.com/visualstudio/introducing-time-travel-debugging-for-visual-studio-enterprise-2019/

   ・ Visual Studio Enterprise 2019 now supports Time Travel Debugging, debugging with recording of runtime context – Jett


• [macOS] Attribution is hard — at least for Dock: A Safari sandbox escape & LPE: 
https://phoenhex.re/2019-05-26/attribution-is-hard-at-least-for-dock

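   ・ The author describes how, at this year's Pwn2Own, an out-of-bounds read vulnerability was used to escape the Safari sandbox, and a TOCTOU in kextutil was then used to gain kernel code execution. – freener0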


• [Windows] Persistence: “the continued or prolonged existence of something”: Part 2 – COM Hijacking: 
https://www.mdsec.co.uk/2019/05/persistence-the-continued-or-prolonged-existence-of-something-part-2-com-hijacking/

   ・ Persistence on Windows 10 via COM hijacking during penetration testing – Jett


• [Browser] SSD Advisory – Firefox Sandbox Infoleak From Uninitialized Handle In CrossCall: 
https://ssd-disclosure.com/archives/3923/ssd-advisory-firefox-sandbox-infoleak-from-uninitialized-handle-in-crosscall

   ・ An information leak vulnerability in the Firefox sandbox, caused by an uninitialized CrossCall handle – AI_FUZZ


• 0x01 Introduction: 
https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/

   ・ URL scheme injection through the development library's own arguments; last time it was libcef, this time it is Qt – FlappyCarrot


• [Linux] CVE-2019-11815: A Cautionary Tale About CVSS Scores: 
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/GC0HggE06Vk/

   ・ Looking at the Linux kernel RDS RCE vulnerability (CVE-2019-11815) from the perspective of its CVSS score – Jett


* To view or search past pushes, visit: 
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab 
https://weibo.com/xuanwulab

