24
9月
New CVE-2018-8373 Exploit Spotted in the Wild
tools CVE-2018-8373样本
Android Trojan reads Whatsapp-Messages
USB threats from malware to miners
CVE-2018-14634:Integer overflow in Linux's create_elf_tables()-LPE (full root) from a suid-root binary(RHEL, CentOS and Debian 8 are vulnerable)
Collection of (at time of release) iOS bugs @userlandkernel found
Tranfer-Encoding bug of PHP causes cache poisoning for apache mod_cache instead of XSS(CVE-2018-17082)
WebKit: Use-after-free in WebCore::SVGTextLayoutAttributes::context(CVE-2018-4318)
WebKit: Use-after-free in WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded(CVE-2018-4197)
WebKit: Use-after-free in WebCore::RenderMultiColumnSet::updateMinimumColumnHeight(CVE-2018-4323)
WebKit: Use-after-free in WebCore::SVGTRefElement::updateReferencedText(CVE-2018-4315)
WebKit: Use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags(CVE-2018-4317)
禅道pms-路由及漏洞分析
Epee Levin Packet Deserialization Code Execution Vulnerability
利用动态二进制加密实现新型一句话木马之客户端篇
Discovering OGNL injection in Apache Struts with taint-tracking
奇淫异巧之PHP后门
Creating Shellcode Crypter
sqlmap内核分析系列
Analysing Apple Pay Transactions
The Last Man Standing: The Only Practical, Lightweight and Hypervisor-Based Kernel Protector Struggling with the Real World Alone
macOS权威评测《macOS 10.14 Mojave: The Ars Technica review》
医疗行业安全指数报告(2018年8月)
tools IDA-minsc is a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler.
tools wasmjit:Kernel Mode WebAssembly Runtime for Linux
tools xsec-checker是一款服务器安全检测的辅助工具