Android Security Technology Weekly 10.20 - 10.26

System

1. Samsung TEEgris - a system-level security solution from Samsung that gives apps a TrustZone-based TEE execution environment

developer.samsung.com/t

2. NowSecure publishes best practices for mobile development (secure coding)

info.nowsecure.com/rs/2

3. Android gains "DNS over TLS" support, to stop ISPs from learning which websites you visit

xda-developers.com/andr

Malware

1. JadeRAT mobile surveillanceware spikes in espionage activity

blog.lookout.com/mobile

2. LOKIBOT - the first hybrid Android malware

clientsidedetection.com

3. Fake cryptocurrency trading apps on Google Play

welivesecurity.com/2017

4. Validating the results of Zimperium's mobile machine-learning malware detection

blog.zimperium.com/vali

Tech

1. MalwareAnalysis - a collection of malware analysis tools and resources

github.com/recodeking/M

2. "Malicious Sample Analysis Handbook" collection

blog.nsfocus.net/malwar

3. Anquanke 2017 Quarterly, Issue 3: all the practical content you want!

bobao.360.cn/news/detai

4. Installing the Frida framework on an Android phone and tampering with SSLContext to bypass certificate pinning:

blog.it-securityguard.com

5. Using the Frida framework to work more efficiently in reverse engineering

https://github.com/DigitalInterruption/DigitalInterruption.github.io/blob/master/Prototyping%20and%20reverse%20engineering%20with%20frida_hacklu.pdf

https://github.com/DigitalInterruption/FridaWorkshop

6. An Obfuscating Compiler

eprint.iacr.org/2017/05

7. Hack.lu 2017 conference slides and talk videos

2017.hack.lu/archive/20

youtube.com/playlist?

8. Digging Deeper - An In-Depth Analysis of a Fast Flux Network

akamai.com/us/en/multim

9. Preventing SSL stripping: a simple primer

blog.cloudflare.com/per

bobao.360.cn/learning/d

10. Evolution and analysis of the software security build maturity model

bobao.360.cn/learning/d

11. Open-source repositories of top teams in China

github.com/niezhiyang/o

12. Uncovering the US underground economy: how coupon fraud harms business

freebuf.com/articles/es

13. Stanford University's applied cryptography course:

crypto.stanford.edu/

crypto.stanford.edu/~da

14. Machine learning and deep learning cheat sheets:

startupsventurecapital.com

Tool

1. Assemblyline - a distributed framework for automated malware analysis

bitbucket.org/cse-assem

2. Open-sourcing JA3: SSL/TLS fingerprinting for malware detection

engineering.salesforce.com

3. uncaptcha - a tool for defeating Google's audio CAPTCHA; its description claims 85% accuracy:

github.com/ecthros/unca

4. relative-url-extractor: A small tool that extracts relative URLs from a file.

github.com/jobertabma/r

5. FindCrypt: A Python implementation of IDA FindCrypt/FindCrypt2 plugin

github.com/you0708/ida/

6. awesome-yara: A curated list of awesome YARA rules, tools, and people.

github.com/InQuest/awes

7. pcap2curl: Read a packet capture, extract HTTP requests and turn them into cURL commands for replay.

github.com/jullrich/pca

8. JByteMod is a multifunctional bytecode editor. Including syntax highlighting and live decompiling.

github.com/GraxCode/JBy

9. Reptile - LKM Linux Rootkit:

kitploit.com/2017/10/re

10. rev.ng : a suite of tools for binary analysis based on QEMU and LLVM

rev.ng/

Vulnerability

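1. Kaspersky's security testing report on several popular online dating apps, examined mainly from two angles: privacy leakage and encryption of traffic in transit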

securelist.com/dangerou

2. Mobile X-Ray: online mobile application security testing. Free online service to audit iOS or Android apps for OWASP Mobile Top 10 and other vulnerabilities

htbridge.com/mobile/

3. Kernel exploitation of null pointers

0x00sec.org/t/kernel-ex

bobao.360.cn/learning/d

4. DUHK attack related

The DUHK (Don't Use Hard-coded Keys) Attack is a vulnerability that affects devices using the ANSI X9.31 Random Number Generator (RNG) in conjunction with a hard-coded seed key.

duhkattack.com/

blog.cryptographyengineering.com

freebuf.com/articles/da

5. WPA2 related

Analysis of how the WPA2 key reinstallation attack works:

freebuf.com/news/150991

Comprehensive analysis report on the vulnerabilities in WPA2, the wireless network (Wi-Fi) protection protocol standard

paper.seebug.org/420/

6. PoC code of BlueBorne's Android RCE vulnerability (CVE-2017-0781)

github.com/ArmisSecurit

7. Downloading a large file crashes the Android app of VPN provider PIA (CVE-2017-15882); fixed in version v1.3.3.1

wwws.nightwatchcybersecurity.com

8. Samsung Galaxy Note 8 (Snapdragon) rooted without tripping KNOX

forum.xda-developers.com

9. Sharing a recently encountered logic vulnerability case

freebuf.com/vuls/151196

10. Recorded Future, comparing vulnerability coverage in NVD and CNNVD, says the US lags behind China in vulnerability reporting: "The Dragon Is Winning: Lags Behind Chinese Vulnerability Reporting"

go.recordedfuture.com/h

11. Using targeted symbolic execution in S2E to handle file parsers and address the path explosion problem:

Combining S2E and Kaitai Struct for "targeted" symbolic execution of file parsers

adrianherrera.github.io

12. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits

drive.google.com/file/d

