Sec Hotspot 首页  友情链接  收藏本站  技术博客  RSS
统计信息
已收录文章数量:13786 篇
已收录公众号数量:68 个
本站文章为爬虫采集,如有侵权请告知
每日安全动态推送(05-29)
本文来自公众号:腾讯玄武实验室   2020.05.29 11:02:06

Tencent Security Xuanwu Lab Daily News


NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection:
http://dlvr.it/RXWP5h

诺基亚官网的sql注入漏洞 靓仔


[ Browser, Web ] The Tangled Browsers:
https://blog.s1r1us.ninja/CTF/tangled_browsers

The Tangled Browsers: Beyond XSS (Part 1) Jett


[ Windows ] Defending Windows Domain Against Mimikatz Attacks | Windows OS Hub:
http://woshub.com/defending-windows-domain-against-mimikatz-attacks/

防御Windows域免受Mimikatz攻击安全策略建议。 lanying37


When Anti-Virus Engines Look Like Kernel Rootkits:
https://volatility-labs.blogspot.com/2020/05/when-anti-virus-engines-look-like.html

反病毒引擎实现监控的方式与内核 Rootkits 很像 Jett


[ Browser ] 2016 - project-zero - Project Zero - Monorail:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2016

Issue 2016: Firefox: Default Content Process DACL Sandbox Escape Jett


Fuzzing战争: 从刀剑弓斧到星球大战:
https://blog.flanker017.me/fuzzing%e6%88%98%e4%ba%89-%e4%bb%8e%e5%88%80%e5%89%91%e5%bc%93%e6%96%a7%e5%88%b0%e6%98%9f%e7%90%83%e5%a4%a7%e6%88%98/

Fuzzing 战争: 从刀剑弓斧到星球大战 Jett


Windows X86-64 System Call Table (XP/2003/Vista/2008/7/2012/8/10):
https://j00ru.vexillium.org/syscalls/nt/64/

一个记录多个版本Windows系统调用表的网站 靓仔


[ Android ] Xiaomi Redmi 5 Plus Second Space Password Bypass:
https://labs.f-secure.com/advisories/xiaomi-second-space

Xiaomi Redmi 5 Plus Second Space Password Bypass Jett


[ Attack ] The zero-day exploits of Operation WizardOpium:
https://securelist.com/the-zero-day-exploits-of-operation-wizardopium/97086/

卡巴斯基对去年 WizardOpium APT 攻击行动中所用的 Chrome 和 win32k Exploit 的分析 Jett


oss-sec: CVE-2020-10751 - Linux kernel: SELinux netlink permission check bypass:
http://seclists.org/oss-sec/2020/q2/147

CVE-2020-10751 - Linux kernel: SELinux netlink permission check bypass Jett


CVE-2020-13253 QEMU: sd: OOB access could crash the guest resulting in DoS:
http://seclists.org/oss-sec/2020/q2/146

QEMU 的 SD 内存卡模拟存在越界读漏洞(CVE-2020-13253) Jett


[ Tools ] security things in Linux v5.5:
https://outflux.net/blog/archives/2020/05/27/security-things-in-linux-v5-5/

Linux内核v5.5版本安全注意事项。 lanying37


[ Tools, iOS ] alephsecurity/xnu-qemu-arm64:
https://github.com/alephsecurity/xnu-qemu-arm64

QEMU 的 Aleph Research fork 版本,用于运行 iOS 系统 Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab