SecWiki周刊（第131期)

SecWiki周刊（第131期）

2016/08/29-2016/09/04

安全资讯

[Web安全] 入侵 Kernel.org 的黑客被捕
http://www.solidot.org/story?sid=49557

[工具] 远程控制木马“复仇Revenge v 0.2”可供免费下载
http://www.easyaq.org/info/infoLink/638353972.shtml

[无线安全] DARPA微系统技术办公室的三大关注点
http://mp.weixin.qq.com/s?__biz=MzA5NjI5OTMxMg==&mid=2650786951&idx=1&sn=a409923af62fc050d9910c224715a362&scene=1&srcid=0903uR2S1RFwbr452ixu1XeH#rd

[文档] 《G20国家互联网发展研究报告<总报告>》八大看点
http://mp.weixin.qq.com/s?__biz=MzA3NjE0MjczMg==&mid=2654053801&idx=2&sn=7b3bd2ba1fe8bc76a433040d4ba5d1e7&scene=1&srcid=09010h7FCNNNiLXlznYzmh5V#rd

[杂志] 知远防务快讯2016.08.19[第335期]
http://www.knowfar.org.cn/enews/2016-08-19.htm

[取证分析] 监控设备供货商Cobham产品目录被泄
http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655294295&idx=1&sn=bd862a98a6c088d7f6e832fb6924f919&scene=1

[会议] 目标黑客“集市”：今年的KCon都有哪些亮点和干货？
http://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651068475&idx=1&sn=9d97b8345ce47e8b6e5d60da87c6a91e&scene=1

[其它] 如何看待安全圈的一些媒体文——安全不是要贩卖恐惧
http://blog.sina.com.cn/s/blog_72628e9f0102xkhz.html

[事件] Fireeye首次发布亚太地区M-Trends报告再次抹黑中国
https://www2.fireeye.com/rs/848-DID-242/images/Mtrends2016.pdf

[爆库] 43 million passwords hacked in Last.fm breach
https://techcrunch.com/2016/09/01/43-million-passwords-hacked-in-last-fm-breach/

[其它] Taiwan's "Cyber Army" Plan
http://blog.project2049.net/2016/07/taiwans-cyber-army-plan.html

[事件] 美国云存储服务Dropbox发生数据泄露事故影响近6900万帐号
http://www.mottoin.com/88736.html

[事件] U.S. military computer attacked
http://www.nbcnews.com/id/3078482/ns/technology_and_science-tech_and_gadgets/t/us-military-computer-attacked/#.V8kqdfkmhyC

[恶意分析] Transmission官方客户端被替换成恶意版本
http://www.solidot.org/story?sid=49537

[爆库] Hackers Stole Account Details for Over 60 Million Dropbox Users
http://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts

安全技术

[漏洞分析] Z3约束求解器入门指南
http://rise4fun.com/z3/tutorial/guide

[恶意分析] PyQemu基于动态二进制插桩的加密监测框架
https://github.com/pleed/pyqemu

[运维安全] 面向黑客和开发者的代码审计视频教程
https://www.pluralsight.com/courses/code-auditing-security-hackers-developers

[Web安全] Web安全测试中常见逻辑漏洞解析（实战篇）
http://www.freebuf.com/vuls/112339.html

[Web安全] web中各种命令注入的检测和利用一
http://blog.csdn.net/qq_29277155/article/details/52421578

[运维安全] DN42 - 一个大型的 VPN 网络
https://imlonghao.com/45.html

[Web安全] 证书检测二三事
https://www.secpulse.com/archives/51641.html

[漏洞分析] Osx Apache Code To Reveal CVE-2013-0966 漏洞分析
http://www.thinkings.org/2016/06/01/osx-code-receal-cve-2013-0966.html

[无线安全] DIY天线自动追踪系统OpenATS
http://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651061796&idx=3&sn=5acaafbffbcf540ea84752d06535a0ab&scene=0#rd

[移动安全] iOS 10 - Kernel Heap Revisited
https://papers.put.as/papers/ios/2016/D2-StefanEsser-iOS10KernelHeapRevisited.pdf

[无线安全] 开源BTS产品中存在多处漏洞，攻击者或可劫持手机通讯基站
http://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651061808&idx=1&sn=b32dbe04a35984f0e66131d0d6df6a6d&scene=0#rd

[其它] 隐写技巧——PNG文件中的LSB隐写
http://www.mottoin.com/88380.html

[漏洞分析] 当代漏洞挖掘方法总结
https://www.nccgroup.trust/uk/our-research/research-insights-vol-9-modern-security-vulnerability-discovery/?research=Whitepapers

[数据挖掘] 我的Kaggle初体验 -- Grupo Bimbo Inventory Demand
https://zhuanlan.zhihu.com/p/22266330

[取证分析] 看警方如何社工暗网恋童网站逮捕虐童狂魔
http://www.freebuf.com/news/113231.html

[Web安全] zabbixPwn: Zabbix Jsrpc.php Injection Exploit
https://github.com/re4lity/zabbixPwn

[漏洞分析] 跨虚拟机的 Row Hammer 攻击以及虚拟机逃逸
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_xiao.pdf

[运维安全] 基于Windows事件日志的入侵检测
https://cyber-ir.com/2016/08/27/intrusion-detection-with-windows-event-ids/

[编程技术] Moeditor — Your all-purpose markdown editor
https://moeditor.github.io/

[移动安全] 国内自有内核手机浏览器安全情况分析
http://appscan.360.cn/blog/?p=76

[设备安全] Arduino IoT 设备的安全性分析和漏洞利用
http://www.seg.inf.uc3m.es/~guillermo-suarez-tangil/papers/2016mal-iot.pdf

[文档] FreeTalk深圳站活动部分PPT#密码: 17sm
https://pan.baidu.com/share/init?shareid=3878110204&uk=2653424809

[Web安全] VulApps: 快速搭建各种漏洞环境(Various vulnerability environment)
https://github.com/Medicean/VulApps

[恶意分析] 《猎捕Lurk犯罪组织》来自卡巴斯基的报告
https://securelist.com/analysis/publications/75944/the-hunt-for-lurk/

[恶意分析] 感染百万物联网设备的BASHLITE家族恶意代码简要分析
http://mp.weixin.qq.com/s?__biz=MzI4ODA4MTcxMA==&mid=2649549772&idx=1&sn=6ef949ed1c893a7d08b4ea5f5ceea2e4&scene=1

[其它] 安全奥斯卡（Pwnie Awards 2016）获奖名单
http://www.freebuf.com/news/113309.html

[Web安全] 利用SameSiet特性阻断跨站时序攻击
https://www.igvita.com/2016/08/26/stop-cross-site-timing-attacks-with-samesite-cookies/

[恶意分析] 基于 Unicorn 引擎，调用恶意软件自身的解密代码
http://researchcenter.paloaltonetworks.com/2016/08/unit42-pythons-and-unicorns-and-hancitoroh-my-decoding-binaries-through-emulation/

[恶意分析] CylancePROTECT® vs. FSociety Ransomware
https://blog.cylance.com/cylanceprotect-vs-fsociety-ransomware

[漏洞分析] 挖掘异步类问题相关漏洞
https://portswigger.net/knowledgebase/papers/HuntingAsynchronousVulnerabilities2.pdf

[无线安全] 关于伪基站及网络安全的一点总结
http://mp.weixin.qq.com/s?__biz=MzAwMTYzMDc3OQ==&mid=2650184342&idx=1&sn=5078805484a0decf4992ed055bfac95f&scene=1&srcid=0901GW6JTcRE6gZmzIlZlxHb#rd

[Web安全] PHP7反序列化漏洞的利用
http://blog.checkpoint.com/wp-content/uploads/2016/08/Exploiting-PHP-7-unserialize-Report-160829.pdf

[设备安全] ICS/SGADA学习资料库
http://www.robertmlee.org/a-collection-of-resources-for-getting-started-in-icsscada-cybersecurity/

[运维安全] CentOS下tomcat安全配置
http://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247483853&idx=1&sn=6b9a41c30f70335a87aba04fc476356a&scene=1&srcid=0903KLbWJiAjpJSwzggQuh94#rd

[编程技术] Python中编码二三事
http://das.scusec.org/2016/09/02/python-chardet/

[Web安全] PHP-vulnerability-audit-cheatsheet
https://github.com/dustyfresh/PHP-vulnerability-audit-cheatsheet

[移动安全] IOS设备APT攻击Pegasus详细技术报告
https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf

[漏洞分析] Windows调试符号下载，包括Windows 10符号
https://developer.microsoft.com/en-us/windows/hardware/download-symbols

[恶意分析] Binary's blog: Neutrino Exploit Kit
http://binaryhax0r.blogspot.com/2016/08/neutrino-exploit-kit-swf-analysis.html

[Web安全] 攻击PHP框架
http://www.mottoin.com/88624.html

[Web安全] 百度开源深度学习平台PaddlePaddle
https://github.com/baidu/paddle

[恶意分析] 开源恶意软件分析系统Aleph
https://n0where.net/aleph-opensource-malware-analysis-system/

[恶意分析] IoT Home Router Botnet Leveraged in Large DDoS Attack
https://blog.sucuri.net/2016/09/iot-home-router-botnet-leveraged-in-large-ddos-attack.html

[编程技术] 技术团队风格指南
https://zhuanlan.zhihu.com/p/22266609?refer=rumor

[编程技术] 软件架构入门
http://www.ruanyifeng.com/blog/2016/09/software-architecture.html

[恶意分析] Pegasus间谍套件内部原理及流程剖析
http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458279399&idx=1&sn=bb43a07a941d2e59c2cccd981a092bd6&scene=0#rd

[Web安全] 独立挖了hackerone 50W美金的安全研究人员的总结
https://www.bugbountyhq.com/front/latestnews/dWRWR0thQ2ZWOFN5cTE1cXQrSFZmUT09/

[数据挖掘] 社交网络中的用户属性预测
http://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652306914&idx=1&sn=b8842fa80a75fb0e4920b6a7ec4589d1&scene=0#rd

[漏洞分析] Powershell禁用绕过白名单防护
http://www.mottoin.com/88841.html

[移动安全] NSO使用的iOS/macOS xnu kernel UAF漏洞分析
http://sektioneins.de/en/blog/16-09-02-pegasus-ios-kernel-vulnerability-explained.html

[恶意分析] 泰GSB银行ATM劫案样本分析报告
http://blog.nsfocus.net/gsb-bank-atm-robberies-sample-analysis-report/

[Web安全] Using Chrome’s web-custom-data UTI to inject a stored XSS in Slack
https://labs.detectify.com/2016/09/01/using-chromes-web-custom-data-uti-to-inject-a-stored-xss-in-slack/

[运维安全] 成熟产品IPS的创新实践和思考
http://blog.nsfocus.net/innovative-practice-thinking-mature-products-ips/

[恶意分析] D-Link路由器固件后门，导致内网域名劫持
http://www.freebuf.com/articles/terminal/113487.html

[无线安全] 编号SL-14RB：浅谈卫星安全の第三弹
http://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946254&idx=1&sn=40eb37ab418913548ea6c4a9f1d10a9d&scene=1

[Web安全] Breaking XSS WAF Evasion CheatSheet
http://www.rafayhackingarticles.net/2016/09/breaking-great-wall-of-web-xss-waf.html#

[Web安全] github-dorks: Collection of github dorks and helper tool
https://github.com/techgaun/github-dorks

[运维安全] 蜜罐系统设计的一些想法
http://www.freebuf.com/articles/system/113031.html

[移动安全] Needle：iOS的安全性测试框架
http://www.mottoin.com/88741.html

[漏洞分析] 一个矩形pwn掉整个内核系列之一 – zone的舞蹈
https://blog.flanker017.me/blitzard-1/

[移动安全] 老旧版本libupnp库安全风险分析
http://appscan.360.cn/blog/?p=114

[漏洞分析] 如何防范算法求逆
http://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458279395&idx=1&sn=648c360da5b14d669e6b6e65ad852579&scene=1

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第131期)

SecWiki周刊（第131期）

最新公告

友情链接

SecWiki公众号

安全学术圈