每日安全动态推送(08-28)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• Emulation of Malicious Shellcode With Speakeasy:
http://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html

   ・ 利用Speakeasy模拟恶意软件Shellcode分析研究。 – lanying37


• [Pentest] Phishing Secrets: Attack & Protection - Preview:
https://hakin9.org/download/phishing-secrets-attack-protection-preview/

   ・ 网络钓鱼的秘密:攻击与保护-电子书预览。 – lanying37


• [Tools, Pentest] Stowaway:
https://github.com/ph4ntonn/Stowaway

   ・ Stowaway - 一个利用go语言编写、专为渗透测试工作者制作的多级代理工具 – Jett


• Introducing CWE-1265: A New Way to Understand Vulnerable Reentrant Control Flows:
https://www.thezdi.com/blog/2020/8/25/introducing-cwe-1265-a-new-way-to-understand-vulnerable-reentrant-control-flows

   ・ 漏洞库 MITRE 新增了一个漏洞类型:嵌套调用导致的代码重入漏洞,来自 ZDI 的介绍 – Jett


• [Android] sk3ptre/AndroidMalware_2018:
https://github.com/sk3ptre/AndroidMalware_2018

   ・ 2018年Android流行威胁的恶意软件资源库。 – lanying37


• [Android] ashishb/android-security-awesome:
https://github.com/ashishb/android-security-awesome

   ・ Android Security Awesome,Android 安全方向的资料整理 – Jett


• [Browser] Exploiting CVE-2019-17026 - A Firefox JIT Bug:
https://labs.f-secure.com/blog/exploiting-cve-2019-17026-a-firefox-jit-bug/

   ・ Exploiting CVE-2019-17026 - A Firefox JIT Bug – Jett


• Exploring the Ubiquiti UniFi Cloud Key Gen2 Plus | by Katie Sexton | Tenable TechBlog | Aug, 2020 | Medium:
https://medium.com/tenable-techblog/exploring-the-ubiquiti-unifi-cloud-key-gen2-plus-f5b0f7ca688

   ・ Ubiquiti UniFi Cloud Key Gen2 Plus 设备调试接口搭建以及管理接口漏洞分析 – Jett


• An Old Bot’s Nasty New Tricks: Exploring Qbot's Latest Attack Methods - Check Point Research:
https://research.checkpoint.com/2020/exploring-qbots-latest-attack-methods/

   ・ Qbot 最新样本使用的感染技术分析 – Jett


• Abusing COM And DCOM Objects:
https://packetstormsecurity.com/files/158974

   ・ Abusing COM & DCOM objects – Jett


• Introduction to Networking | Network Basics for Beginners - OSI Model:
https://youtu.be/rIZ61PyDkH8

   ・ 网络介绍| 初学者的网络基础-OSI模型学习视频。 – lanying37


• Bypassing Credential Guard – Team Hydra:
https://teamhydra.blog/2020/08/25/bypassing-credential-guard/

   ・ Bypass Windows Defender Credential Guard 保护 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: