12
3月

Tittle: 2018.3.14

0 作者:admin

HenBox, an Android Malware family masquerading as legitimate apps on third-party app stores

Dangerous malware stealing bitcoin hosted on Download.com for years

OceanLotus-Old techniques,new backdoor

Poisoned peer-to-peer app kicked off Dofoil coin miner outbreak

Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign

RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits

13 Critical Security Vulnerabilities and Manufacturer Backdoors discovered throughout AMD Ryzen & EPYC product lines.

CVE-2018-1057: Unprivileged user can change any user (and admin) password (Samba AD DC)

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP(CVE-2018-0886)

Exploiting Adobe ColdFusion before CVE-2017-3066

Jenkins XStream remote code execution vulnerability(CVE-2017-2608)

Getting to the Bottom of CVE-2018-0825 Heap Overflow Buffer

There is a proxy in your Atlassian Product! (CVE-2017-9506)

The Java Soothsayer: A practical application for insecure randomness. (Includes free 0day)

Reverse engineering of Mikrotik exploit from Vault 7 CIA Leaks (Working PoC (Full Sources) and PDF Article)

SAP Note Assistant Insecure Handling of SAP Notes Signature Vulnerability(2017)

Deep-dive into SAP archive file formats(2016)

Analysis of a Kubernetes hack — Backdooring through kubelet

Bypassing Payments Using Webhooks

Using FRIDA to bypass the Android 7+ Network Security Configuration feature

JavaScript Zero: real JavaScript, and zero side-channel attacks

Rootkit analysis-Use case on HideDRV(2016)

太刺激!服务器被黑遭攻击,凌晨一点紧急逆袭!

如何不写一行javascript代码就可以把深度学习模型自动编译生产WebGL并且跑在浏览其中

Invisible resource thieves: The increasing threat of cryptocurrency miners

CNCERT 2017年我国联网智能设备安全情况报告

Mail.Ru:style Stored XSS when you read eamils($1,000)

SEMrush:XXE in Site Audit function exposing file and directory contents($2,000)

Regaxor: Fuzzing Regexes for Fun and Not‐So‐Much Profit

tools Metta: Uber's Open Source Tool for Adversarial Simulation


评论


当前没有评论,快来评论吧!





来说点什么吧