[分享]国外最新安全推文整理（第14期）-外文翻译-看雪-安全社区|安全招聘|kanxue.com

[分享]国外最新安全推文整理（第14期）

发表于: 2017-9-3 17:52 6927

[分享]国外最新安全推文整理（第14期）

BDomne

活跃值

5

2017-9-3 17:52

6927

有些可能需要VPN访问，安全性方面自己多留意。

Advanced C/C++ memory profiler

540K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6E0K9h3I4G2M7%4c8G2M7$3W2U0i4K6u0r3e0g2c8#2L8X3g2J5

An efficient and domain-independent differential fuzzer

b4dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6i4A6Z5j5g2)9J5k6r3c8@1i4K6u0r3L8X3g2*7K9r3p5`.

Automated static analysis tools for binary programs

cf4K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6U0L8i4g2Q4x3X3c8K6k6h3W2Q4x3V1k6H3K9r3q4J5L8%4x3`.

Abusing Token Privileges For EoP

6eaK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Z5j5i4c8d9K9h3!0@1i4K6u0r3N6r3!0C8k6h3&6Q4x3X3c8H3M7X3W2$3

A simple, portable, Intel x64/EM64T VT-x specific hypervisor

5b1K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8$3&6W2M7$3y4#2x3o6l9%4i4K6u0r3f1$3W2E0M7r3I4W2g2X3W2K6L8%4t1`.

Hardware-Assisted Feedback Fuzzing for OS Kernels

42cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6d9g2f1u0Q4x3X3c8e0P5i4y4e0k6h3y4Q4x3V1k6C8b7f1k6x3

The Holy Book of X86

6eeK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6o6j5i4m8@1j5h3W2F1j5i4u0S2M7$3S2Q4x3V1k6f1K9r3g2Q4y4h3k6t1L8$3I4&6i4K6g2X3b7X3!0G2K9#2)9#2k6X3!0X3i4K6g2X3h3o6R3$3

Oxford Deep NLP 2017 course

a63K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6G2P5r3k6G2M7X3c8Q4x3X3c8U0M7#2)9J5k6r3c8W2k6i4m8F1L8s2m8Q4x3X3b7J5x3o6p5%4i4K6u0r3L8r3g2U0N6s2g2J5k6i4x3`.

USENIX Security 2017 (icesword, cool work!)

280K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2#2M7$3g2F1K9i4S2Q4x3X3g2G2M7X3N6Q4x3V1k6U0L8$3&6X3k6i4u0W2L8X3y4W2i4K6u0r3N6i4y4W2L8X3W2^5M7$3g2U0N6i4u0A6N6s2V1I4y4#2)9J5c8Y4c8W2j5$3S2F1K9h3y4S2L8q4)9J5k6s2y4W2M7%4y4A6L8$3&6K6

CCS 2017 Accepted Papers

d68K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6S2j5$3#2U0j5%4y4Q4x3X3g2Y4K9i4c8Z5N6h3u0Q4x3X3g2A6L8#2)9J5c8Y4m8S2M7r3g2J5M7#2)9J5c8R3`.`.

Hack In The Box GSEC 2017

1a7K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3N6K6k6h3y4Q4x3X3g2Z5K9i4c8T1i4K6u0W2L8%4u0Y4i4K6u0r3L8h3q4@1k6i4u0A6j5h3I4K6i4K6u0r3M7$3M7J5x3o6p5%4i4K6u0r3

44CON 2017 Schedule

a79K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1j5@1y4r3y4G2L8U0t1H3x3e0N6Q4x3X3g2K6j5$3S2W2k6q4)9J5k6h3y4G2L8g2)9J5c8R3`.`.

BlueHat v17 Schedule

8d7K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4M7#2)9J5k6i4c8W2j5$3S2F1k6i4c8Q4x3X3g2E0K9h3y4J5L8%4y4G2k6Y4c8Q4x3X3g2U0L8$3#2Q4x3V1k6T1L8s2g2W2K9r3q4@1i4K6u0r3x3U0l9I4y4#2)9J5c8U0l9&6i4K6u0r3x3o6q4Q4x3V1k6S2L8X3&6G2N6h3&6U0K9h3&6Y4i4K6u0V1N6r3S2W2i4K6u0V1j5X3I4#2k6h3S2S2N6q4)9J5k6s2j5I4y4#2)9J5k6s2y4U0K9r3g2V1N6h3I4W2i4K6u0r3

Mitigations in Windows 10

adeK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4M7#2)9J5k6i4c8W2j5$3S2F1k6i4c8Q4x3X3g2E0K9h3y4J5L8%4y4G2k6Y4c8Q4x3X3g2U0L8$3#2Q4x3V1k6A6k6Y4c8W2K9$3S2S2M7W2)9J5c8U0t1H3x3e0N6Q4x3V1j5H3z5q4)9J5c8U0t1^5i4K6u0r3N6r3S2J5k6h3q4@1i4K6u0V1L8h3W2@1K9h3N6S2N6r3W2G2L8W2)9J5k6r3W2F1i4K6u0V1N6$3W2F1k6r3!0%4M7#2)9J5k6o6p5H3i4K6u0r3

Bringing Call Gates Back

c5fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3q4D9k6i4S2Q4x3X3c8A6L8$3&6W2M7$3y4#2i4K6u0W2j5$3!0E0i4K6u0r3i4K6y4r3M7q4)9K6c8o6x3@1x3l9`.`.

Exploring Windows virtual memory management

59aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4c8J5K9i4m8D9k6h3k6S2N6h3I4@1i4K6u0W2K9h3!0Q4x3V1j5J5x3o6p5%4i4K6u0r3x3o6S2Q4x3V1k6W2P5s2m8D9L8%4u0A6L8X3N6Q4x3X3c8%4K9h3&6V1L8%4N6K6i4K6u0V1N6X3W2J5N6s2g2S2L8q4)9J5k6r3#2W2L8h3!0J5P5g2)9J5k6h3S2@1L8h3H3`.

Arbitrary Write primitive in Windows kernel

fe8K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3q4Z5j5$3q4@1i4K6u0W2k6$3W2@1K9s2g2T1i4K6u0W2K9h3!0Q4x3V1j5J5x3o6p5%4i4K6u0r3x3o6S2Q4x3V1j5K6x3g2)9J5c8X3q4J5j5X3W2@1M7X3q4J5P5g2)9J5k6s2N6J5K9i4c8W2i4K6u0V1M7s2u0A6L8h3W2@1K9i4k6W2i4K6u0V1K9h3&6Q4x3X3c8%4K9h3&6V1L8%4N6K6i4K6u0V1K9$3g2J5L8X3g2D9i4K6u0V1K9r3g2$3k6q4)9J5c8R3`.`.

New WinDbg available in preview

90dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4M7#2)9J5k6h3#2K6k6r3&6Q4x3X3g2E0K9h3y4J5L8%4y4G2k6Y4c8Q4x3X3g2U0L8$3#2Q4x3V1k6%4K9h3&6V1j5X3N6Q4x3V1j5J5x3o6p5%4i4K6u0r3x3o6S2Q4x3V1j5J5z5q4)9J5c8X3&6W2N6#2)9J5k6s2N6A6L8X3c8T1k6#2)9J5k6r3q4$3j5h3W2D9j5h3u0D9k6g2)9J5k6r3W2F1i4K6u0V1M7s2u0W2N6X3W2W2N6#2)9J5c8R3`.`.

WinDBG and JavaScript Analysis

250K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2@1j5h3I4G2M7$3W2F1N6r3g2D9L8r3W2Y4k6h3&6U0k6g2)9J5k6h3y4G2L8g2)9J5c8U0t1H3x3e0N6Q4x3V1j5H3z5q4)9J5c8Y4N6A6L8X3c8T1k6#2)9J5k6r3q4F1k6q4)9J5k6r3A6S2N6X3q4K6j5%4u0A6M7s2c8Q4x3X3c8S2L8X3q4D9P5i4y4A6M7#2)9J5k6h3S2@1L8h3H3`.

Dridex AtomBombing in detail

ccaK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4u0W2N6X3g2J5M7$3W2F1k6$3#2A6L8X3c8K6i4K6u0V1j5X3I4G2k6#2)9J5k6h3I4G2k6$3c8G2N6$3&6Q4x3X3g2U0L8$3#2Q4x3V1k6H3L8%4y4@1M7#2)9J5c8U0t1I4x3U0f1&6z5o6g2Q4x3X3c8V1M7X3W2V1k6i4S2Q4x3X3c8S2N6r3!0E0j5X3!0E0j5X3W2F1k6#2)9J5k6r3W2F1i4K6u0V1k6r3g2@1j5h3W2D9

Analysing a recent Poison Ivy sample

b2bK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2F1j5$3y4Y4M7X3!0#2M7q4)9J5k6i4c8J5N6i4y4@1i4K6u0r3N6h3E0Q4x3V1k6S2j5X3!0#2N6q4)9J5k6s2g2K6i4K6u0r3L8X3g2%4M7%4u0G2L8$3#2Q4x3X3c8S2L8X3c8Q4x3X3c8W2N6X3g2F1N6s2y4Q4x3V1k6T1L8r3!0Y4M7#2)9J5c8U0t1H3x3e0N6Q4x3V1k6S2N6h3N6#2M7%4c8Q4x3V1k6S2L8X3q4D9P5i4y4A6L8X3N6Q4x3X3c8S2i4K6u0V1M7X3g2U0k6h3&6@1i4K6u0V1M7r3!0A6M7$3!0F1i4K6u0V1K9i4k6&6i4K6u0V1M7$3q4E0M7r3I4W2i4K6u0r3

Cheat Sheet for Analyzing Malicious Software

4e1K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6*7k6h3I4@1M7$3g2J5i4K6u0W2j5$3!0E0i4K6u0r3L8h3q4D9N6$3q4J5k6g2)9J5k6r3q4F1j5h3I4&6M7$3W2K6i4K6u0V1j5$3S2W2j5i4c8Q4x3X3c8K6K9r3g2W2N6q4)9J5c8R3`.`.

Application of Authenticode Signatures to Unsigned Code

5bbK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3g2^5M7r3I4G2K9i4c8Q4x3X3c8E0L8$3&6V1j5i4W2Q4x3X3g2U0L8$3#2Q4x3V1j5J5x3o6p5%4i4K6u0r3x3o6S2Q4x3V1k6S2M7s2m8D9K9h3y4S2N6r3W2G2L8W2)9J5k6r3!0X3i4K6u0V1j5i4g2@1K9r3g2F1N6r3W2U0L8$3c8W2i4K6u0V1M7$3W2Y4L8X3q4@1N6i4u0W2M7#2)9J5k6h3S2@1L8h3H3`.

Bypassing VirtualBox Process Hardening on Windows

af9K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4L8$3!0Y4L8r3g2H3M7X3!0B7k6h3y4@1P5X3g2J5L8#2)9J5k6h3u0D9L8$3N6K6M7r3!0@1i4K6u0W2j5$3!0Q4x3X3g2#2K9#2)9J5c8U0t1H3x3e0N6Q4x3V1j5H3z5q4)9J5c8X3u0&6M7r3q4K6M7$3W2F1k6#2)9J5k6s2k6A6M7Y4c8#2j5h3I4T1L8%4S2Q4x3X3c8H3M7X3!0U0k6i4y4K6i4K6u0V1K9r3q4J5k6r3g2F1K9h3&6Y4i4K6u0W2K9s2c8E0L8l9`.`.

Hooking COM Classes

d4eK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6K6i4K6u0W2L8h3W2U0M7X3!0K6L8$3k6@1i4K6u0W2j5$3!0Q4x3X3g2A6L8q4)9J5c8Y4m8S2N6X3g2D9P5g2)9J5c8U0t1H3x3e0N6Q4x3V1j5H3z5q4)9J5c8U0l9%4i4K6u0r3K9r3!0G2K9$3W2F1k6#2)9J5k6r3y4G2L8g2)9J5k6r3y4D9j5i4y4K6k6i4y4Q4x3V1j5`.

Creating the smallest possible PE executable

425K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4m8Z5M7X3g2W2k6r3!0E0i4K6u0W2L8%4u0Y4i4K6u0r3M7X3g2K6k6h3q4J5j5$3S2Q4x3V1k6@1K9h3&6&6M7r3g2Q4x3V1j5`.

How to find vulnerabilities

0b6K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3N6&6L8Y4k6S2k6h3I4Q4x3X3g2U0L8$3I4V1N6$3W2F1k6q4)9J5k6i4m8D9i4K6u0r3i4K6y4r3L8r3q4F1k6#2)9K6c8r3g2F1i4K6t1$3j5h3#2H3i4K6y4n7K9h3c8Q4x3@1b7$3y4e0V1`.

A comprehensive fuzzing architecture for memory forensics frameworks

4b0K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4y4U0K9h3g2F1j5$3g2V1K9i4u0W2j5%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6K6j5$3W2W2L8X3y4W2i4K6u0r3j5i4u0@1K9h3y4D9k6g2)9J5c8Y4m8A6K9g2)9J5c8W2x3I4y4K6b7J5x3U0R3%4y4U0p5%4x3K6l9I4z5e0R3$3

Speech and Language Processing

7c6K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6W2j5W2)9J5k6i4y4@1j5h3&6X3L8%4u0V1i4K6u0W2k6h3c8#2i4K6u0r3i4K6N6q4K9Y4g2J5j5h3k6K6K9%4W2Q4x3V1k6K6L8s2l9K6i4K6u0r3

IT Security Catalog

0d6K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2A6N6q4)9J5k6s2y4W2j5#2)9J5k6r3y4S2N6r3q4D9L8$3N6Q4x3X3g2A6L8X3k6G2i4K6u0r3

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课

收藏・7

免费・0

支持

分享

打赏 + 2.00雪花

打赏次数 1

雪花 + 2.00

+2.00

2017/09/03

最新回复 (3)
yangya 雪币： 58 活跃值： (1355) 能力值： ( LV2，RANK：10 ) 在线值：发帖 5 回帖 319 粉丝 1 关注私信	yangya 2 楼不错 2017-9-3 19:47 0
开花的水管雪币： 1535 活跃值： (695) 能力值： ( LV2，RANK：10 ) 在线值：发帖 37 回帖 358 粉丝 2 关注私信	开花的水管 3 楼 2017-9-7 18:32 0
chnleon 雪币： 249 活跃值： (11) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 3 粉丝 0 关注私信	chnleon 4 楼 2017-9-24 10:48 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

返回

BDomne

发帖

回帖

RANK

他的文章

看雪公众号

专注于PC、移动、智能设备安全研究及逆向工程的开发者社区