V-gHost : QEMU-KVM VM Escape in vhost/vhost-net
blade.tencent.com • Tools Vulnerability

V-gHost - Tencent Blade 团队披露能够实现 QEMU-KVM 虚拟机逃逸的 vhost/vhost-net 内核模块的溢出漏洞(CVE-2019-14835) Jett • 13 hours ago

0   

Skidmap Linux miner leverages kernel-mode rootkits to evade detection
securityaffairs.co • Linux

Skidmap Linux 恶意软件利用 RootKit 隐藏挖矿 Payload Jett • 13 hours ago

0   

virtualbox_3d_exp.py
gist.github.com • Exploit

VirtualBox 3D 模块本月修复的漏洞的 Exploit Jett • 13 hours ago

0   

objective-see/FileMonitor
github.com • macOS

objective-see 开源了一个基于 Endpoint Security Framework 框架写的文件监控工具 Jett • 15 hours ago

1   

Black Hat Europe 2019
www.blackhat.com • Conference

Black Hat Europe 2019 会议议题列表(部分)公开了 Jett • 15 hours ago

0   

Frida 12.7 Released
frida.re • Tools

Frida 更新 12.7 版本,新增 CModule,支持通过内置 TinyCC 编译器实时编译创建 NativeFunction Jett • 15 hours ago

0   

Critical Vulnerability in Harbor Enables Privilege Escalation from Zero to Admin (CVE-2019-16097)
unit42.paloaltonetworks.com

开源企业级Registry服务器 Harbor 被发现越权漏洞(CVE-2019-16097) Jett • 15 hours ago

0   

moohax/Proof-Pudding
github.com

Proof-Pudding - 滥用 Copy-Cat 模型攻击 ProofPoint 邮件评分系统的工具 Jett • 15 hours ago

0   

GitHub - bluscreenofjeff/Red-Team-Infrastructure-Wiki: Wiki to collect Red Team infrastructure hardening resources
github.com • Tools Pentest

渗透测试中 Red Team 攻击团队的基础设施加固 WiKi Jett • 15 hours ago

0   

D-Link 816-A2 路由器研究分享
Galaxy Lab

dlink路由器分析,主要针对webserver部分固件分析和固件升级机制。 icepng • 1 day ago

0   

Linux Heap glibc TCache Double Free Mitigation Bypass
blog.infosectcbr.com.au • Linux

Linux Heap glibc TCache Double Free Mitigation Bypass Jett • 1 day ago

0   

iOS 13 exploit bypasses the lockscreen for access to contacts
www.theverge.com • iOS

有研究员发现了一个 iOS 13 的绕过锁屏访问通讯录的漏洞 Jett • 1 day ago

0   

From BinDiff to Zero-Day: A Proof of Concept Exploiting CVE-2019-1208 in Internet Explorer
TrendLabs Security Intelligence Blog • Browser

Trend Micro的安全研究员在对微软更新进行BinDiff的过程中,发现了VBScript引擎新的UAF漏洞。 dwfault • 1 day ago

0   

4B5F5F4B/HyperV
github.com

研究员 4B5F5F4B 为 Hyper-V RCE(CVE-2017-007) 漏洞写的 PoC Jett • 1 day ago

0   

How does JVM allocate objects? - Java
umumble.com

JVM 虚拟机创建对象的过程分析 Jett • 1 day ago

0   

Patch Analysis: Examining a Missing Dot-Dot in Oracle WebLogic
Zero Day Initiative - Blog

WebLogic CVE-2019-2618 CVE-2019-2827 补丁分析 whip1ash • 1 day ago

0   

AMD Radeon Graphics Cards Open VMware Workstations to Attack
Threatpost

AMD Radeon 图形卡驱动漏洞影响 VMware Workstation 15 64 位 Windows 10 Guest 虚拟机 Jett • 1 day ago

0   

microsoft/STL
github.com

微软开源了 MSVC 的 C++ 标准库 STL Jett • 1 day ago

1   

A2nkF/macOS-Kernel-Exploit
github.com • macOS

研究员 A2nkF 公开了一个 macOS 内核 0Day Exploit Jett • 1 day ago

1   

Continuous Integration Continuous Bounties.pdf
drive.google.com

Alex Chapman 关于在软件持续集成/部署流程中挖掘漏洞的实践,来自 44CON 会议 Jett • 1 day ago

1   

Tags

Tools Malware Windows Browser Vulnerability Android Web Attack Linux iOS Pentest Conference Defend macOS Network IoT Wireless Reverse Engineering Fuzzing Virtualization Crypto Programming CTF Machine Learning Report Firmware Forensics Data Breach PoC Mitigation Backdoor SCADA Threat Intelligence Side Channel Blockchain Exploit Hardware Supply Chain Bug Bounty Privacy Power Analysis
Loading