[Windows] raminfp/basicwindowskernelprogramming:https://github.com/raminfp/basicwindowskernelprogramming
・ Basic Windows Kernel Programming – Jett
[Browser] CVE-2020-0674:https://github.com/maxpl0it/CVE-2020-0674-Exploit
・ IE 浏览器 JS 脚本引擎 CVE-2020-0674 漏洞的 Exploit – Jett
[Reverse Engineering] Reverse Engineering a VxWorks OS Based Router:https://blog.quarkslab.com/reverse-engineering-a-vxworks-os-based-router.html
・ 基于 VxWorks 操作系统的路由器的逆向分析 – Jett
2002 - Samsung Android multiple interactionless RCEs and other remote access issues in Qmage image codec built into Skia - project-zero:https://bugs.chromium.org/p/project-zero/issues/detail?id=2002
・ j00ru 发现的三星 Android 手机 Qmage 图像格式漏洞,可以实现零接触 RCE – Jett
Black Hat USA, DEF CON 28 Go Virtual:https://threatpost.com/black-hat-usa-def-con-28-go-virtual/155606/
・ 受新冠病毒疫情影响,今年的 Black Hat USA 和 DEF CON 28 会议都将改为线上举办 – Jett
How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability:https://www.thezdi.com/blog/2020/5/7/how-a-deceptive-assert-caused-a-critical-windows-kernel-vulnerability
・ 去年底 Windows win32kfull.sys 驱动新加的一行 assert 代码引入了一个漏洞 – Jett
Report: Microsoft’s GitHub Account Gets Hacked:https://threatpost.com/report-microsofts-github-account-gets-hacked/155587/
・ 有黑客组织称其黑掉了微软在 GitHub 的账户,偷走 500GB 数据 – Jett
[Windows] Old .NET Vulnerability #5: Security Transparent Compiled Expressions (CVE-2013-0073):https://www.tiraniddo.dev/2020/05/old-net-vulnerability-5-security.html
・ Old .NET Vulnerability #5: Security Transparent Compiled Expressions (CVE-2013-0073) – Jett
Pentesting Cisco SD-WAN Part 2: Breaking routers:https://www.synacktiv.com/posts/pentest/pentesting-cisco-sd-wan-part-2-breaking-routers.html
・ Cisco 路由器 SD-WAN 命令执行漏洞 Part2 – Jett
[Data Breach] Hackers Breach 3.5 Million MobiFriends Dating App Credentials:https://threatpost.com/hackers-breach-3-5-million-mobifriends-dating-app-credentials/155590/
・ 约会 App MobiFriends 泄漏 350 万用户的登录凭据及邮箱等数据 – Jett
[Tools] googleprojectzero/SkCodecFuzzer:https://github.com/googleprojectzero/SkCodecFuzzer
・ j00ru 用于 Fuzz Android 图像格式的 Fuzzer – Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 微信公众号: 腾讯玄武实验室
+关注
快速开通微博你可以查看更多内容,还可以评论、转发微博。