Security News | 安全資訊 (2015-12-28)

Android

• Mobile Security News Update December 2015
• Reverse Engineering the Yik Yak Android App
• Exploring Android's SELinux Kernel Policy
• Android Sensor Integration Part 1: Sensor Stack and Kernel Module, part 1, part 2, part 3
• Changelog for NDK Build 2490520
  • PSA: Everyone should be switching to Clang.
  • GCC in the NDK is now deprecated.
  • Binutils: Unified binutils source between Android and ChromiumOS.

iOS/OS X

• About the 'Yalu' Bug Chain
• CVE-2015-3795

Linux

• Shellcode Injection
  • Early post about buffer overflow exploit: Buffer Overflow Exploit

Web

• Jumping The Fence – How Detecting Malicious PHP Files Isn’t That Easy.
• Vulnerable examples
  • hackazon: A modern vulnerable web app
  • DVNA: Damn Vulnerable Node Application
• Apache 2.4.17 - Denial of Service
• PHP 7.0.0 - Format String Vulnerability
• A Hardcore XSS
• Compromising PressPlay with $800

Windows

• An Introduction to Backdooring Operating Systems
• #OLEOutlook - bypass almost every Corporate security control with a point’n’click GUI
• 再利用Chakra引擎绕过CFG (Chinese)

Tool

• crackle: cracks BLE Encryption (AKA Bluetooth Smart)
• F-Secure see: Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.
• dnSpy
• IEFuzz - A Static Internet Explorer Fuzzer
• PyCat:Pycat is a python replacement tool for netcat.
• dnschan: This is a trojan that runs over DNS.
• pdbex: pdbex is a utility for reconstructing structures and unions from the PDB files into compilable C headers.
• VisUAL: A highly visual ARM emulator.
• IdaHaskell: Allows to execute haskell code in Ida Pro.

Misc

• An Easy Way to Secure Java Applications
• Why it’s harder to forge a SHA-1 certificate than it is to find a SHA-1 collision
• On the Juniper backdoor
• Reverse engineering the ARM ALU
• Some Analysis of the Backdoored Backdoor
• Heap Tracking
• A (mostly) useful debugger on z/OS
• A History of Hard Choices
• Extracting the Private Key from a TREZOR

CTF

• NCN2k15 CTF "CivilWar" writeup

Conference

• ekoparty Security Conference - 11th edition, video
• 32c3
  • Release
  • Collective Authorities: Securely Decentralising Trust at Scale
  • Datahavens: From HavenCo to Today
  • Tools for Red Star OS

Source

The resources are collected in various sources such as blog feeds, Twitter and Weibo. Here, I list some of my personally favorite sources.

• Security feeds in my subscriptions, download OPML
• Security guys in my Twitter following.
  • Tweets of @binitamshah
• Security guys in my Weibo following.
  • 每日安全动态推送 from Weibo @腾讯玄武实验室 (Chinese)