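Industry report | The Android platform battlefield: summary and analysis of security incidents in the first half of 2019

Based on public material about Android-related threat activity disclosed in the first half of 2019 by security research organizations and security vendors in China and abroad, combined with in-depth investigation and tracking by the RedDrip Team (RedDripTeam, @RedDrip7) of the QiAnXin Threat Intelligence Center, this report summarizes some of the major Android platform security incidents in China and abroad, to give an initial picture of the Android threat landscape.

7 days ago

Tools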

Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection

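A 5G wireless gateway tailored for industrial internet of things (IoT), retail point-of-sale and enterprise redundancy applications is riddled with vulnerabilities, including two critical bugs that allow remote code-execution (RCE) and arbitrary command-injection.

7 days ago

Tools

Tool | PoCBox - an auxiliary platform for vulnerability testing and verification

PoCBox features: generating vulnerability verification code (convenient for writing reports) and online testing (convenient for quick manual testing).

7 days ago

Tools

Vulnerability analysis | CVE-2019-3462: analysis of the apt/apt-get remote code execution vulnerability

Analysis of the apt/apt-get remote code execution vulnerability

7 days ago

Tools

Android | Reverse engineering the Android version of the McDonald app

This article reverse engineers the Android version of the McDonald app.

7 days ago

Tools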

fuzz | FoRTE-Research's Fuzzing Benchmarks

This repository contains a collection of benchmarks and seed inputs to make fuzzing research more readily comparable and reproducible. For instructions on installing and running a given benchmark, refer to the readme file in its respective directory.

7 days ago

Tools

Mobile phishing by the numbers

In a report published in 2011, IBM revealed that mobile users are three times more likely to fall for phishing scams compared to desktop users. This claim was based on accessed log files found on Web servers used to host websites involved in phishing campaigns.

7 days ago

Tools

STOLEN PENCIL Campaign Targets Academia

ASERT has learned of an APT campaign, possibly originating from DPRK, we are calling STOLEN PENCIL that has been targeting academic institutions since at least May 2018. The ultimate motivation behind the attacks is unclear, but the threat actors are adept at scavenging for credentials. Targets are sent spear phishing e-mails that lead them to a web site displaying a lure document and are immediately prompted to install a malicious Google Chrome extension. Once gaining a foothold, the threat actors use off-the-shelf tools to ensure persistence, including Remote Desktop Protocol (RDP) to maintain access.

7 days ago

Tools

Vulnerability analysis | CVE-2018-9411: New critical vulnerability in multiple high-privileged Android services

This article covers the technical details and exploitation of the CVE-2018-9411 vulnerability.

7 days ago

Tools

Android | Writing the worlds worst Android fuzzer, and then improving it

Today we’re going to write arguably one of the worst Android fuzzers possible. Experience unexpected success, and then make improvements to make it probably the second worst Android fuzzer.

7 days ago

Tools

Safari in iOS 12 caches array state

A problem with Array's value state in the newly released iOS 12 Safari.

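7 days ago

Tools

Analysis report on source code security defects in open-source artificial intelligence software

CNCERT has published the "Open-Source Software Code Security Defect Analysis Report: Special Issue on Artificial Intelligence Open-Source Software". This issue focuses on the state of secure development in well-known machine learning and artificial intelligence open-source software in China and abroad; by analyzing the security defects of several well-known AI open-source products, it assesses how well these open-source projects control code security.

7 days ago

Tools

Industry report | Research and analysis report on Android process protection

Google's design for Android processes is a cooperative one: when a process is not visible, or in certain other scenarios, the app is expected to release its resources voluntarily and so help keep the Android system secure. This design underestimated the "greed" of malicious developers, who have used process protection mechanisms to breed many rogue applications that damage system files, cause billing losses, leak private data and push malicious ads, wasting device resources and upsetting the balance of the system ecosystem.

7 days ago

Tools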

OATmeal on the Universal Cereal Bus: Exploiting Android phones over USB

Recently, there has been some attention around the topic of physical attacks on smartphones, where an attacker with the ability to connect USB devices to a locked phone attempts to gain access to the data stored on the device. This blogpost describes how such an attack could have been performed against Android devices (tested with a Pixel 2).

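7 days ago

Tools

Explainer | A new variant of part-time job scams: spreading malware under a borrowed "shell", with charges incurred on a single tap!

Recently, based on feedback from users of 360's 手机先赔 (mobile "compensation first") service, a suspected new variant of the part-time job scam has been found: it borrows the "shell" of a typing part-time job app to spread malicious billing programs.

7 days ago

Tools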

Compiler-based security mitigations in Android P

Android's switch to LLVM/Clang as the default platform compiler in Android 7.0 opened up more possibilities for improving our defense-in-depth security posture. In Android P, we're expanding our existing compiler mitigations, which instrument runtime operations to fail safely when undefined behavior occurs. This post describes the new build system support for Control Flow Integrity and Integer Overflow Sanitization.

7 days ago

Tools

McAfee’s Steve Povolny Leads Threat Research

Our guest today is Steve Povolny, head of advanced threat research at McAfee. We’ll learn how he came to lead his team of researchers at the well-known security company, his philosophy on leadership, and why investing in research makes sense for McAfee (and most companies). We’ll also cover how to strike a balance between maintaining a healthy competitive advantage in the marketplace, while contributing to the larger threat research community and helping to make the world a safer place. He shares his thoughts on threat intelligence, why he believes it’s grown in importance for most organizations, and we’ll get his advice on choosing what kinds of services you might need.

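7 days ago

Tools

Industry report | Threat Hunter (威胁猎人) | Research report on the black and gray market in the short-video industry, first half of 2018

The black and gray market has moved from its earliest model of simply inflating popularity, followers and likes to a business model that exists purely for volume inflation and for servicing it. The barrier to entry has gradually fallen: tooling that was at first supplied only upstream has now flowed to the middle and downstream. In the first half of 2018, demand for volume-inflation tasks was met mainly through the most popular model, self-built sites.

7 days ago

Tools

Vulnerability analysis | MetInfo arbitrary file read vulnerability: the fix and its bypass

WAM, the 404 Lab's internal web application monitoring program (introduced at the end of the article), detected a MetInfo version update and automatically diffed the files. Judging from the diff, the update appears to fix an arbitrary file read vulnerability, but the fix was incomplete and could still be bypassed. This article records the process of the fix and the bypass.

7 days ago

Tools

PoC | Safari RegExp Exec type confusion remote code execution vulnerability PoC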

Apple Safari RegExp Exec Type Confusion Remote Code Execution Vulnerability PoC.

7 days ago

Tools