Android安全技術周報 07.31 - 08.06
System Internals
1. Android 的A/B (Seamless) 無縫熱補丁更新技術
https://source.android.com/devices/tech/ota/ab_updates
2. Android 在降低攻擊界面方面的安全改進,包括Android N MediaServer、Android O Webview、SELinux、Linux內核等
https://www.blackhat.com/docs/us-17/thursday/us-17-Kralevich-Honey-I-Shrunk-The-Attack-Surface-Adventures-In-Android-Security-Hardening.pdf
3. BadIntent - 使用 Burp Suite 攔截、修改、重放和攻擊 Android 的Binder 通信
https://github.com/mateuszk87/BadIntent
Malware
1. 模仿WannaCry 的 Android 勒索軟體SLocker
http://blog.trendmicro.com/trendlabs-security-intelligence/new-wannacry-mimicking-slocker-abuses-qq-services/
2. 超過20 款的 BankBot 移動端惡意軟體進駐Google Play 商店
https://securityintelligence.com/after-big-takedown-efforts-20-more-bankbot-mobile-malware-apps-make-it-into-google-play/
3. AVPASS -- 自動化繞過安卓惡意軟體檢測系統的工具 Blackhat US 2017
https://www.blackhat.com/docs/us-17/thursday/us-17-Jung-AVPASS-Leaking-And-Bypassing-Anitvirus-Detection-Model-Automatically.pdf
4. 鎖屏病毒小結 & 序
http://blog.csdn.net/qq_18693351/article/details/53535888
http://blog.csdn.net/qq_18693351/article/details/52232095
Vulnerability
1. 一加 2 手機篡改 Bootloader SBL1 分區可以禁用後續的Bootloader 簽名驗證邏輯(CVE-2017-11105)
https://alephsecurity.com/vulns/aleph-2017026
2. 兩個Android Qualcomm 加密引擎驅動程序中提權漏洞(CVE-2016-3935/CVE-2016-6738)的PoC
https://github.com/jiayy/android_vuln_poc-exp
3. CVE-2017-7368:高通音效卡驅動中的條件競爭漏洞分析
http://mp.weixin.qq.com/s/tHhNrg-8Y4LvCTcZleoY2Q
4. 如何使用Fuzzing挖掘ImageMagick的漏洞,包括Fuzzer 的代碼:
https://github.com/lcatro/Fuzzing-ImageMagick
5. Defeating Samsung KNOX with zero privilege,三星 KNOX 的安全問題
https://www.blackhat.com/docs/us-17/thursday/us-17-Shen-Defeating-Samsung-KNOX-With-Zero-Privilege.pdf
Tech
1. 當代網路攻擊中的隱寫術介紹
https://securelist.com/steganography-in-contemporary-cyberattacks/79276/
2. 利用GDB調試ARM代碼
http://bobao.360.cn/learning/detail/4170.html
3. OWASP移動安全測試指南
https://b-mueller.gitbooks.io/the-owasp-mobile-security-testing-guide/content/
4. 社工庫雜談
https://bbs.ichunqiu.com/thread-20469-1-1.html
5. Brida:使用Frida進行移動應用滲透測試
https://techblog.mediaservice.net/2017/07/brida-advanced-mobile-application-penetration-testing-with-frida/
Conf
1. DEFCON 25 會議的PPT 資料
https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/
2. BlackHat USA 2017 會議的資料
https://www.blackhat.com/us-17/briefings.html
推薦閱讀:
※比特網專訪幾維安全CEO范俊偉
※Android安全技術周報 11.03 - 11.09
※如何判斷你的手機是否被黑客入侵?
※移動應用安全威脅如影隨形,APP安全加固迫在眉睫
※移動服務安全現狀分析!