每日安全动态推送(08-19)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• Introduction to Whiteboxes and Collision-Based Attacks With QBDI:
http://blog.quarkslab.com/introduction-to-whiteboxes-and-collision-based-attacks-with-qbdi.html

   ・ QBDI 在白盒加密方向的应用 - Whiteboxes and Collision-Based Attacks With QBDI – Jett


• [Tools, Pentest] GitHub - yogeshojha/rengine: A simple recon engine for penetration testing:
https://github.com/yogeshojha/rengine

   ・ 用于自动化收集渗透测试所需信息的平台 – Jett


• Breaking Samsung firmware, or turning your S8/S9/S10 in to a DIY “Proxmark”:
https://www.pentestpartners.com/security-blog/breaking-samsung-firmware-or-turning-your-s8-s9-s10-in-to-a-diy-proxmark/

   ・ 破解三星的固件,并将S8 / S9 / S10型号手机DIY成Proxmark开源的RFID安全研究工具。 – lanying37


• Samsung Qmage MMS Exploit (CVE-2020-8899):
https://github.com/googleprojectzero/SkCodecFuzzer/tree/master/mms_exploit

   ・ Samsung Qmage MMS Exploit (CVE-2020-8899)  – Jett


• 车联网安全系列——特斯拉 NFC 中继攻击(CVE-2020-15912):
https://www.anquanke.com/post/id/213885

   ・ 特斯拉 NFC 中继攻击(CVE-2020-15912) – Jett


• [Fuzzing] On Measuring and Visualizing Fuzzer Performance:
https://hexgolems.com/2020/08/on-measuring-and-visualizing-fuzzer-performance/

   ・ Fuzzer 性能的评估以及评估过程的可视化 – Jett


• [Tools] avast/retdec-r2plugin:
https://github.com/avast/retdec-r2plugin

   ・ Radare2 插件,用于将 RetDec 反汇编工具集成进 Radare2 – Jett


• Cisco 7937G All-In-One Exploiter:
https://packetstormsecurity.com/files/158817

   ・  Cisco 7937G 设备 CVE-2020-16139/16138/16137 漏洞一键攻击代码 – Jett


• 以太坊安全之 EVM 与短地址攻击:
https://paper.seebug.org/1296/

   ・ 以太坊安全之 EVM与短地址攻击。 – lanying37


• GlueBall: The story of CVE-2020–1464:
https://link.medium.com/BK6kY8Ym08

   ・ 利用 Windows 加密实现的问题实现 EXE 证书验证欺骗(CVE-2020–1464) – Jett


• [CTF, Android] Hacker101 CTF: Android Challenge Writeups:
https://buff.ly/3aui2o2

   ・ Hacker101 CTF Android 方向题目的 Writeup – Jett


• [Windows] CVE-2020–14979: Local Privilege Escalation in EVGA PrecisionX1:
https://posts.specterops.io/cve-2020-14979-local-privilege-escalation-in-evga-precisionx1-cf63c6b95896

   ・ EVGA Precision X1 Windows 本地提权漏洞分析(CVE-2020–14979) – Jett


• vBulletin Remote Code Execution (CVE-2020-7373):
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/vbulletin-remote-code-execution-cve-2020-7373/

   ・ vBulletin Remote Code Execution (CVE-2020-7373) – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: