3
4月

Tittle: 2018.4.5

0 作者:admin

Advisory: Hostile state actors compromising UK organisations with focus on engineering and industrial control companies

Reaper Group’s Updated Mobile Arsenal

New MacOS Backdoor Linked to OceanLotus Found

Hunting down Dofoil with Windows Defender ATP

Fake Software Update Abuses NetSupport Remote Access Tool

IE11: use-after-free in jscript!JsErrorToString

Windows: use-after-free in jscript!JsArrayJoin

Windows: multiple use-after-free issues in jscript Array methods

mpengine contains unrar code forked from unrar prior to 5.0, introduces new bug while fixing others(CVE-2018-0986)

There's Life in the Old Dog Yet: Tearing New Holes into Intel/iPhone Cellular Modems(IOS&CVE-2018-4148)

Stealing Credit Cards from FUZE via Bluetooth (CVE-2018-9119) with exploit PoC and X-ray teardown

quickly pwned, quickly patched: details of the mozilla pwn2own exploit

Four code execution vulnerabilities and a denial of service in Natus NeuroWorks software used in Natus Xltek EEG medical products

Chrome Video Downloader Extension: Universal XSS

Android系统序列化、反序列化不匹配漏洞

08CMS SQL 注入分析.

路由器漏洞分析第五弹:CVE-2018-5767路由器远程代码执行

Who Moved My Pixels?! › reversing apple's 'screencapture' to programmatically grab desktop images

Race to RCE: There is more on the Web than just XSS

Scratching the surface of host headers in Safari

Talk on Windows network authentication mechanism and Windows network pentesting

Vulnerability Modeling with Binary Ninja

A Deep Dive into Database Attacks(IV): Delivery and Execution of Malicious Executables through SQL Commands (MySQL)

Malpedia: A Collaborative Effort to Inventorize the Malware Landscape

Threat Hunting via Windows Event Logs

Interview-Notebook 是一份技术面试需要掌握的基础知识与资料整理

a Linux Kernel Defence Map showing the relations between:vulnerability classes/exploitation techniques,kernel defences,bug detection means.

” Your details are saved into my account”-User info disclosure Vulnerability in Practo (India’s biggest healthcare app)

Google bug bounty for security exploit that influences search results

tools 全网子域统计与子域查找工具

tools poc of Debian 'beep' race condition that allows local privilege escalation(CVE-2018-0492)

tools r2dec-js:radare2 plugin - converts asm to pseudo-C code

tools py-feedr:A Python parser to tweet the latest updates from multiple RSS feeds.

tools InstaLooter is a program that can download any picture or video associated from an Instagram profile, without any API access


评论


当前没有评论,快来评论吧!





来说点什么吧