SecWiki周刊(第128期)
2016/08/08-2016/08/14
安全资讯
[Web安全]  又一起以政府为目标的重大网络威胁——ProjectSauron
http://www.mottoin.com/86962.html
[Web安全]  Dota2论坛遭黑客入侵 泄露近200W用户数据
http://www.mottoin.com/86847.html
[Web安全]  微软再曝安全漏洞:允许黑客绕过Windows安全启动
http://www.mottoin.com/87089.html
[数据挖掘]  Palantir:神秘的独角兽公司,做产品还是做服务
http://mp.weixin.qq.com/s?__biz=MzA4NzM3MTI1MQ==&mid=2247486010&idx=2&sn=7c8009fd5f6e56ed3f167b7053a72440
[比赛]  阿里云安全算法挑战赛 钓鱼网站检测&WebShell通信检测
https://tianchi.shuju.aliyun.com/competition/information.htm?raceId=231585
[运维安全]  互联网上的污染
http://www.solidot.org/story?sid=49244
[事件]  新三板最大并购案:南洋股份57亿人民币收购天融信切入信息安全行业
http://www.valleytalk.org/2016/08/05/%e6%96%b0%e4%b8%89%e6%9d%bf%e6%9c%80%e5%a4%a7%e5%b9%b6%e8%b4%ad%e6%a1%88%ef%bc%9a%e5%8d%97%e6%b4%8b%e8%82%a1%e4%bb%bd57%e4%ba%bf%e4%ba%ba%e6%b0%91%e5%b8%81%e6%94%b6%e8%b4%ad%e5%a4%a9%e8%9e%8d%e4%bf%a1/
[事件]  Data Breach At Oracle’s MICROS Point-of-Sale Division
http://krebsonsecurity.com/2016/08/data-breach-at-oracles-micros-point-of-sale-division/
[其它]  The DAO Hacker is Getting Away
http://www.coindesk.com/ethereum-dao-hacker-getting-away-classic/?utm_content=buffer94ccc&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
[设备安全]  A New Wireless Hack Can Unlock 100 Million Volkswagens
https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/
[事件]  Dota 2 forum breach leaks 2 million user accounts
http://www.zdnet.com/article/dota-2-players-targeted-by-forum-hackers-in-new-breach/?utm_source=dlvr.it&utm_medium=twitter#ftag=RSSbaffb68
安全技术
[论文]  USENIX Security '16 : 安全顶会议题及论文
https://www.usenix.org/conference/usenixsecurity16/technical-sessions
[Web安全]  WAF攻防研究之四个层次Bypass WAF
http://www.mottoin.com/86886.html
[无线安全]  使用SDR扫描嗅探GSM网络
http://www.freebuf.com/articles/wireless/110773.html
[其它]  2016年中回顾:网络安全威胁TOP6分析报告
http://www.freebuf.com/articles/database/111351.html
[漏洞分析]  初探Windows Fuzzing神器----Winafl
https://mp.weixin.qq.com/s?__biz=MzI4MzI4MDg1NA==&mid=2247483695&idx=1&sn=1de5db39d6986560d80ab604aae88467&scene=1&srcid=0809LR0yEgkq6U2DLBdpRKAT
[移动安全]  浅谈安卓开发代码混淆技术
http://blog.yaq.qq.com/detail/7
[运维安全]  web 可用性监控工具 Urlooker
https://github.com/710leo/urlooker
[移动安全]  Android安全开发之WebView中的地雷
http://blog.yaq.qq.com/detail/10
[设备安全]  https://github.com/ufrisk/pcileech
https://github.com/ufrisk/pcileech
[恶意分析]  东巽科技2046Lab团队APT报告:“丰收行动”
https://mp.weixin.qq.com/s?__biz=MzA5Njk2MjQwNQ==&mid=2662971031&idx=1&sn=5e3ec5f92353d65758fc9e5dacd511f5&scene=1&srcid=0808xHpyGeoLW6D85Jqyjezg
[Web安全]  Earthworm:便携式网络穿透工具
http://www.mottoin.com/87056.html
[漏洞分析]  Pure Off-path TCP attack demo by using a side channel in Recent Linux Kernel
https://www.youtube.com/watch?v=5h4rhAAFXFk
[Web安全]  如何挖掘Uber网站的XXE注入漏洞
http://www.mottoin.com/86853.html
[Web安全]  无回显命令执行PoC编写方法(Apache Shiro Java反序列化)
http://www.mottoin.com/87095.html
[恶意分析]  追踪溯源:希拉里邮箱泄露事件
https://zhuanlan.zhihu.com/p/21950527
[Web安全]  Web_Dionaea: 基于Docker的蜜罐系统-MottoIN
http://www.mottoin.com/86937.html
[Web安全]  开源威胁情报工具和技术-MottoIN
http://www.mottoin.com/86742.html
[Web安全]  hacking-resources(典型漏洞的实际例子列表,国外)
https://www.torontowebsitedeveloper.com/hacking-resources
[Web安全]  乌云 Drops 文章在线浏览
https://jiji262.github.io/wooyun_articles/
[Web安全]  The ITRC 2016 Data Breach Report
http://www.idtheftcenter.org/images/breach/ITRCBreachReport2016.pdf
[恶意分析]  Cracking HawkEye Keylogger Reborn
http://blog.deniable.org/blog/2016/08/04/cracking-hawkeye-keylogger-reborn/
[Web安全]  从栈溢出到简单的shellcode开发
http://www.mottoin.com/86821.html
[文档]  DEF CON® 24 Hacking Conference Torrent
https://www.defcon.org/html/defcon-24/dc-24-news.html#dc24cdtorrents
[漏洞分析]  BitBlaze: Binary Analysis for Computer Security
http://bitblaze.cs.berkeley.edu/
[Web安全]  创建一个基于powershell的蠕虫(附POC)
http://www.mottoin.com/87060.html
[Web安全]  A Black Path Toward The Sun - HTTP Tunnel 工具简介
http://www.mottoin.com/86956.html
[恶意分析]  Reversing a Finite Field Multiplication Optimization
http://blog.quarkslab.com/reversing-a-finite-field-multiplication-optimization.html
[Web安全]  bypasswaf: Burp extension to bypass some WAF products
https://github.com/codewatchorg/bypasswaf
[编程技术]  btlike BT搜索引擎
http://btlike.com/
[编程技术]  Playing Fasttracker 2 .XM files in Javascript – a1k0n.net
https://www.a1k0n.net/2015/11/09/javascript-ft2-player.html
[恶意分析]  Cracking Orcus RAT
http://blog.deniable.org/blog/2016/08/09/cracking-orcus-rat/
[运维安全]  Pcap-Analyzer: Python编写的简单的离线数据包分析器
https://github.com/HatBoy/Pcap-Analyzer
[漏洞分析]  The DEFCON CTF VM
http://fuzyll.com/2016/the-defcon-ctf-vm/
[Web安全]  企业信息安全之社工学审计
http://www.mottoin.com/86806.html
[漏洞分析]  DECAF - Dynamic Executable Code Analysis Framework
https://github.com/sycurelab/DECAF
[恶意分析]  binary.ninja : a reverse engineering platform
https://binary.ninja/
[Web安全]  怎样使用 Tripwire 来检测 Ubuntu VPS 服务器的入侵
http://www.mottoin.com/86967.html
[数据挖掘]  Binmap: a system scanner
http://blog.quarkslab.com/binmap-a-system-scanner.html
[数据挖掘]  SCAF - source-code-analysis-framework
http://blog.quarkslab.com/scaf-source-code-analysis-framework-based-on-clang-pre-alpha-preview.html
[漏洞分析]  Return Oriented Exploitation (ROP)
https://www.youtube.com/watch?v=5FJxC59hMRY#t=12.068027
[数据挖掘]  Implementing a Custom Directive Handler in Clang
http://blog.quarkslab.com/implementing-a-custom-directive-handler-in-clang.html
[运维安全]  OSTrICa - Open Source Threat Intelligence Collector
https://github.com/Ptr32Void/OSTrICa
[设备安全]  浅谈工控安全|附送工控系统仿真程序和相关技术文档
http://www.sec-un.org/discussion-on-industrial-safety.html
[Web安全]  PHP安全编码规范之安全配置篇
http://blog.topsec.com.cn/ad_lab/audit-defanse/
[编程技术]  [Defcon24] Introduction to the Witchcraft Compiler Collection
http://www.slideshare.net/endrazine/introduction-to-the-witchcraft-compiler-collection
[设备安全]  ics-default-passwords:List of default passwords for Industrial Control Systems
https://github.com/arnaudsoullie/ics-default-passwords
[Web安全]  也说DNS反弹Shell
http://phantom0301.github.io/2016/08/11/DNSshell/
[编程技术]  DEF CON 24 Hacking Conference all Slides
https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/
[Web安全]  httphijack: 使用Javascript实现前端防御http劫持及防御XSS攻击
https://github.com/chokcoco/httphijack
[Web安全]  一次针对存储型XSS的fuzzing
http://ecma.io/?p=448
[编程技术]  Triton under the hood
http://blog.quarkslab.com/triton-under-the-hood.html
[漏洞分析]  Wordpress Joomla Drupal 最近十年漏洞类型分布
https://samsclass.info/129S/proj/CMSvulns080916.htm
[漏洞分析]  symantec - Security Response Custom Report
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Symantec_Remsec_IOCs.pdf
[漏洞分析]  toxic proxies bypassing https and vpns to pwn online identity
https://speakerdeck.com/noxrnet/toxic-proxies-bypassing-https-and-vpns-to-pwn-your-online-identity
[恶意分析]  How I Cracked a Keylogger and Ended Up in Someone's Inbox
https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/
[编程技术]  A brief survey of Fully Homomorphic Encryption, computing on encrypted data
http://blog.quarkslab.com/a-brief-survey-of-fully-homomorphic-encryption-computing-on-encrypted-data.html
[运维安全]  datasploit: A tool to perform various OSINT techniques
https://github.com/upgoingstar/datasploit
[设备安全]  BCBP登机牌安全研究一
https://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946119&idx=1&sn=178c7e89166a0dabaadc4d4684e69745&scene=1&srcid=0811jWGTyLMAcBOQtVcG0yVp
[漏洞分析]  David Brumley's Research
https://users.ece.cmu.edu/~dbrumley/
[恶意分析]  ProjectSauron APT On Par With Equation, Flame, Duqu
https://threatpost.com/projectsauron-apt-on-par-with-equation-flame-duqu/119725/
[比赛]  机器的黎明 -- 第24届DEF CON CTF总决赛亚军队员访谈
https://zhuanlan.zhihu.com/p/22005633
[漏洞分析]  IRMA v1.3.0 released
http://blog.quarkslab.com/irma-v130.html
[漏洞分析]  BadTunnel利用之远程劫持任意内网主机流量
http://mp.weixin.qq.com/s?__biz=MzA4MDMwMjQ3Mg==&mid=2651864934&idx=1&sn=47fabdf7384a29fc6fcaca48bacbe68b&scene=1
[漏洞分析]  Xen exploitation part 3: XSA-182, Qubes escape
http://blog.quarkslab.com/xen-exploitation-part-3-xsa-182-qubes-escape.html
[Web安全]  使用HTTP头去绕过WAF
http://weibo.com/p/230418d7058b150102wm3e
[编程技术]  Keyringer: encrypted and distributed secret sharing software
https://keyringer.pw/
[编程技术]   WASE - The Web Audit Search Engine
https://github.com/thomaspatzke/WASE
[恶意分析]  Identifying Scam Infrastructure
https://blog.opendns.com/2016/08/05/identifying-scam-infrastructure/
[漏洞分析]  Xen exploitation part 1: XSA-105, from nobody to root
http://blog.quarkslab.com/xen-exploitation-part-1-xsa-105-from-nobody-to-root.html
[Web安全]  coala: Language Independent Code Analysis
https://github.com/coala-analyzer/coala
[漏洞分析]  Xen exploitation part 2: XSA-148, from guest to host
http://blog.quarkslab.com/xen-exploitation-part-2-xsa-148-from-guest-to-host.html
[漏洞分析]  Best DEF CON 24 Hacking Conference slides
https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Lucas-Lundgren-Light-Weight%20Protocol-Critical-Implications.pdf
[设备安全]  BCBP登机牌安全研究の第二弹
https://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946153&idx=1&sn=ca04d0fe7ed23be27ff33cf4529e4bfc&scene=1&srcid=08114LEr3mNsym96tmRMyIUm
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第128期)