每日安全动态推送(02-22)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• GitHub - darvincisec/AntiDebugandMemoryDump: Anti-Debug and Anti-Memory Dump for Android:
https://github.com/darvincisec/AntiDebugandMemoryDump

   ・  AntiDebugandMemoryDump - Anti-Debug and Anti-Memory Dump for Android  – Jett


• [Android] Android Penetration Testing: APK Reversing (Part 2):
https://www.hackingarticles.in/android-penetration-testing-apk-reversing-part-2/

   ・ Android渗透测试:APK反编译教程(第2部分)。 – lanying37


• Genetics of a Modern IoT Attack - CUJO AI:
https://cujo.com/genetics-of-a-modern-iot-attack/

   ・ IoT 平台恶意软件攻击模型分析 – Jett


• Ubuntu Security Notice USN-4737-1:
https://packetstormsecurity.com/files/161456

   ・ Ubuntu安全公告USN-4737-1 :发现Bind9漏洞(CVE-2020-8625)。 – lanying37


• [Tools] [PDF] https://www.cs.purdue.edu/homes/zhan3299/res/SP21a.pdf:
https://www.cs.purdue.edu/homes/zhan3299/res/SP21a.pdf

   ・ OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary – Jett


• [PDF] https://www.cs.uic.edu/~polakis/papers/solomos-ndss21.pdf:
https://www.cs.uic.edu/~polakis/papers/solomos-ndss21.pdf

   ・ 基于浏览器网站图标(favicon)缓存实现对用户的跟踪 – Jett


• Brave Browser leaks your Tor / Onion service requests through DNS.:
https://ramble.pw/f/privacy/2387

   ・ 有用户发现,Brave 浏览器会通过 DNS 请求泄露用户的所有 Tor、Onion 请求 – Jett


• Zero Day Initiative — ZDI-21-171: Getting Information Disclosure in Adobe Reader Through the ID Tag:
https://bit.ly/3k1eWfS

   ・ ZDI-21-171:通过利用ID标签在Adobe Reader中获取信息披露。 – lanying37


• [Tools] One thousand and one ways to copy your shellcode to memory (VBA Macros) - Adepts of 0xCC:
https://adepts.of0x.cc/alternatives-copy-shellcode/

   ・ 在 VBA 宏函数中如何将 Shellcode 拷贝到内存中的 RWX 段 – Jett


• 深入剖析 JavaScript 编译器/解释器引擎 QuickJS - 多了解些 JavaScript 语言 · 戴铭的博客 - 星光社:
https://ming1016.github.io/2021/02/21/deeply-analyse-quickjs/

   ・ 深入剖析 JavaScript 编译器/解释器引擎 QuickJS – Jett


• [Tools] BishopFox/GadgetProbe:
https://github.com/BishopFox/GadgetProbe

   ・ GadgetProbe - Java 反序列化漏洞 Gadget Probe 工具 – Jett


• _xeroxz / bluepill · GitLab:
https://githacks.org/_xeroxz/bluepill

   ・ Bluepill - Type-2 Intel Hypervisor For Windows 10 Systems – Jett


• [Tools, Wireless] MilenageTest:
https://github.com/jimtangshfx/MilenageTest

   ・ MilenageTest - 验证 3G/4G/5G 鉴权验证过程是否正确的工具 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(02-22)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: