PHR34K @ unpacker
Spyware Android.Spywaller uses a legitimate firewall to thwart security software https://t.co/Mdg9Pb92KO
"间谍软件 Android.Spywaller 使用 DroidWall 防火墙应用禁用 Qihoo 360 手机安全应用,来自 Symantect Blog: //t.cn/R4fJnvu"
Binni Shah @ binitamshah
aws-shell : An integrated shell for working with the AWS CLI : https://t.co/IRY9CfWsd2 https://t.co/pr3c9tdgKC
"aws-shell - AWS 命令行 Shell 工具 //t.cn/R4fJnPM //t.cn/R4L0Ixu"
patchguard @ patchguard retweets Joe Ingeno @ JoeIngeno
Exploring the new .NET Command Line Interface (CLI) https://t.co/V69PGPqMip @ shanselman @ dotnet @ aspnet @ msdev
"新 .NET 命令行接口 (CLI) //t.cn/R4fJnU2 "
the grugq @ thegrugq retweets Pascal Hartig @ passy
When your antivirus actually installs trivially exploitable Chrome extensions, disabling the same origin policy.https://t.co/S4L6UFQEmT
"AVG 杀软强制安装的 Chrome 扩展 Web TuneUP 存在多个严重漏洞,甚至破坏了同源策略(检测域名域名中是否包含 '.avg.com'),来自 Google Project Zero: //t.cn/R4V5tbp"
jsoo @ _jsoo_ retweets Ionut Popescu @ NytroRST
Faster Windows Kernel debugging with Virtual Machines https://t.co/Mt4WTAkBvD
"利用 VirtualKD 实现更快的内核调试,之前介绍过 VirtualKD (//virtualkd.sysprogs.org/), 下面这篇 Blog 介绍了 VirtualKD 支持的操作系统和虚拟机程序版本: //t.cn/R4fJnUC"
Jóseph Mlodzìanowskì @ cedoxX
Def Con 23 - El Sherei And Stalmans - Extending Fuzzing Grammars To Exploit Code Paths ~ on security tube ~https://t.co/3SrjbNPa0w
"Def Con 23 El Sherei 和 Stalmans 介绍他们基于语法和 W3C 规范的浏览器 Fuzzing, 视频: //t.cn/R4fJnUT"
Nicolas Krassas @ Dinosn
An integer overflow in Firefox 43? [POC] https://t.co/ZVLwKX6z3p
"Firefox 43 整数溢出 PoC: (Firefox 用户请不要点击!) //t.cn/R4fJn47"
Binni Shah @ binitamshah
Perl Jam 2 - Exploiting all the Perl again : https://t.co/Hv3mfUDTF4 #32c3
"Perl Jam 2 - 再次 Exploit Perl,来自 32C3 会议,作者今年主要是讲 Perl 内核本身的安全问题,尤其是引用算法部分,另外讲了如何攻击 Perl CGI 应用。 会议视频: //t.cn/R4fJn4K "
Binni Shah @ binitamshah
Pash : Open-source PowerShell for Linux,Mac,phones : https://t.co/mknfNubBV0
"Pash - PowerShell 开源实现版本,支持 Linux、Mac: //t.cn/R4VH9c7"
Binni Shah @ binitamshah
Microsoft Has Your Encryption Key If You Use Windows 10 : https://t.co/qogqWvtekJ
"如果你使用 Windows 10,那么微软有你的加密密钥: //t.cn/R4fAPLW"
Kafeine @ kafeine
A ProxyBack (ET 2020089 : Htbot.B) infection vector is illustrated in the Otlard.A post https://t.co/Xy1fcn1K1Jhttps://t.co/7H0TTXxozC
"对 Jahoo(Otlard.A) Botnet 样本的分析 //t.cn/RUeFni8 //t.cn/R4fJnb2"
Dino A. Dai Zovi @ dinodaizovi retweets hackaday @ hackaday
Firmware attack on Mac thunderstrike talk by @ qrs at #32c3 https://t.co/vsg66sYs1p https://t.co/ti8Q6IykcB
"32C3 会议上关于 MacBook 固件蠕虫 Thunderstrike2 的演讲视频: //t.cn/R4fJnBI //t.cn/R4fJn1e "
patchguard @ patchguard retweets Didier Stevens @ DidierStevens
New blog post "SHA256 Code Signing and Microsoft" https://t.co/7A5LaV3OpY
"Windows SHA256 代码签名与 'Mark of the Web': //t.cn/R4fJm6e"
ange @ angealbertini
the life of MD5 v1 https://t.co/WUASKyz4oB
"MD5 的一生 https://t.co/WUASKyz4oB "
.mario @ 0x6D6172696F
Oh, looks like my Edge uXSS is finally fixed on all Win10 versions! Here is the PoC :D https://t.co/VbP3rGcCWS
"Edge uXSS PoC, Win10 版本已经修复: //t.cn/R4fJmOp"
Nikolaos Chrysaidos @ virqdroid
Fingerprints On Mobile Devices: Abusing And Leaking - https://t.co/3LxzjpTDGz @ BlackHatEvents
"BlackHat USA 2015 会议 Tao Wei 和 Yulong Zhang 讲的《手机指纹的滥用和隐私泄露》视频: //t.cn/R4fJmOn"
Nicolas Krassas @ Dinosn
ZDI-15-653: Adobe Flash Object hasOwnProperty Use-After-Free Remote Code Execution Vulnerabilityhttps://t.co/uhsIaf3zOz
"Adobe Flash Object hasOwnProperty UAF RCE(CVE-2015-8649), ZDI 公告: //t.cn/R4fJmW2"
Palo Alto Networks @ PaloAltoNtwks
2016 predictions from Palo Alto Networks experts: What's in store for #cybersecurity? https://t.co/4eqMAu8UtF
"Palo Alto 2016 网络安全预测, Blog: //t.cn/R4fJmWx"
Nicolas Krassas @ Dinosn
Yahoo RSS Reader XXE Vulnerability (CFAJAX) https://t.co/jd4RNRL4js
"Yahoo RSS 阅读器 CFAJAX 模块存在任意代码执行漏洞: //t.cn/R4fJmWj"
TrendLabs @ TrendLabs
Using the past to gain perspective on the future: https://t.co/AJxcvgbWhU
"通过过去看将来 - 趋势科技 2016 预测报告,共 10 页 Slides : //t.cn/R4fJmlv"
patchguard @ patchguard retweets Sanjoy Das @ SCombinator
New post: a problem with LLVM's undef https://t.co/qSeQRK977q
"LLVM 中 undef 的一个问题: //t.cn/R4fJmlq "
Arrigo Triulzi @ cynicalsecurity retweets Teddy Reed @ teddyreedv
Anyone doing Apple SMC research? Here's a fledgling fuzzer: https://t.co/D9tds4ge90 interesting finds are insta-halt and 'hidden' keys
"smc-fuzzer - Apple 系统管理控制器 API Fuzzer: //t.cn/R4fJmlK "
Palo Alto Networks @ PaloAltoNtwks
#Unit42 shares tips on how to use IDAPython to make your life easier. Read Part 1: https://t.co/PH7YnfIFpD @ jgrunzweig @ Unit42_Intel
"IDAPython 让你的生活更轻松 Part 1: //t.cn/R4fJmlR"
Matt Oh @ ohjeongwook retweets Heike Ritter @ HeikeRitter
Just published a new Threat Intelligence Report. This month: Exploits https://t.co/UCB0hAyoBZ #infosec #securityhttps://t.co/fG15JCIBHK
"微软 12 月份的威胁情报报告 - Exploits //t.cn/R4fJmYk //t.cn/R4fxm1x "