20
8月

Tittle: 2018.8.21

0 作者:admin

.EGG Files in Spam Delivers GandCrab v4.3 Ransomware to South Korean Users

Ryuk Ransomware: A Targeted Campaign Break-Down

BlueHero蠕虫再升级,新增震网3代武器库,看一眼就中招

]VirtualBox VRDP Guest-to-Host Escape https://blogs.securiteam.com/index.php/archives/3736]

[[Google Chrome WebRTC "AcmReceiver::AcmReceiver()" Uninitialized Memory Vulnerability (CVE-2018-6132)

Bug or Backdoor - Exploiting a Remote Code Execution in ISPConfig

Ruby on Rails 路径穿越与任意文件读取漏洞分析 -【CVE-2018-3760】

Metinfo新版本6.1.0存在多个漏洞

New "Turning Tables" Technique Bypasses All Windows Kernel Mitigations

Freezing the Web: A Study of ReDoS Vulnerabilities in JavaScript-based Web Servers

tools A list of ReDoS vulnerabilities in npm modules

Disabling MacOS SIP via a VirtualBox kext Vulnerability

Covering Ian Beer's exploit techniques for getvolattrlist bug (iOS 11-11.3.1)

Leaking Environment Variables in Windows Explorer via .URL or desktop.ini files

以太坊 “后偷渡时代” 盗币之 “拾荒攻击”

Mitigating Location Privacy Attacks on Mobile Devices using Dynamic App Sandboxing

"Kernel Text Readonly Region" (KTRR) details - mechanism used in Apple’s A10 chips and later to prevent modification of an iOS kernel at runtime

Fuzzing CS:GO BSP Files($12,500)

Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Hashing Algorithms along with example challenges from CTFs

DEFCON 26 议题 PPT 公开下载

tools QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

tools ssh-auditor:The best way to scan for weak ssh passwords on your network

tools pe_to_shellcode:Converts PE so that it can be then injected just like a normal shellcode.

tools fortify-rules-decrypt:Fortify SCA 自带规则解密工具


评论


当前没有评论,快来评论吧!





来说点什么吧