SecWiki周刊（第18期)

SecWiki周刊（第18期）

2014/06/30-2014/07/06

安全资讯

[恶意分析] 2014年第25周恶意地址跟踪小结
http://blog.topsec.com.cn/ad_lab/2014%e5%b9%b4%e7%ac%ac25%e5%91%a8%e6%81%b6%e6%84%8f%e5%9c%b0%e5%9d%80%e8%b7%9f%e8%b8%aa%e5%b0%8f%e7%bb%93/

安全技术

[移动安全] 安卓KeyStore栈溢出漏洞分析（CVE-2014-3100）
http://blogs.360.cn/360mobile/2014/07/01/c

[Web安全] 编写自己的Acunetix WVS漏洞脚本
http://drops.wooyun.org/tips/2498

[Web安全] CRLF Injection漏洞的利用与实例分析
http://drops.wooyun.org/papers/2466

[移动安全] OWASP iOSForensic
http://hack-tools.blackploit.com/2014/07/owasp-iosforensic-tool-to-help-in.html

[运维安全] MongoDB安全配置
http://drops.wooyun.org/%e8%bf%90%e7%bb%b4%e5%ae%89%e5%85%a8/2470

[Web安全] Discuz7.2 最新注入漏洞分析
http://www.91ri.org/9493.html

[移动安全] Android 4.4.2 Secure USB Debugging Bypass
https://labs.mwrinfosecurity.com/advisories/2014/07/03/android-4-4-2-secure-usb-debugging-bypass/

[Web安全] Offensive Computer Security Home Page (CIS 4930 / CIS 5930) Spring 2014
http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html

[设备安全] HID攻击之TEENSY实战
http://blog.topsec.com.cn/ad_lab/hid%E6%94%BB%E5%87%BB%E4%B9%8Bteensy%E5%AE%9E%E6%88%98/

[数据挖掘] 常用推荐算法
http://liyonghui160com.iteye.com/blog/2082450

[恶意分析] Dragonfly gang is targeting Western energy industry
http://acst8ey2xb.l18.yunpan.cn/lk/QhvvyBiw8w9f5

[设备安全] Exploring the impact of a hard drive backdoor
http://s3.eurecom.fr/~zaddach/docs/Recon14_HDD.pdf

[移动安全] AppUse:Android Pentest Platform Unified Standalone Environment
https://appsec-labs.com/appuse

[设备安全] Automotive Grade Linux Released for Open Source Cars
http://thevarguy.com/open-source-application-software-companies/070114/automotive-grade-linux-released-open-source-cars

[Web安全] 全方位绕过安全狗
http://www.freebuf.com/articles/web/37501.html

[编程技术] TokuMX使用小计
http://www.luanxiang.org/blog/archives/1763.html

[恶意分析] Analysis of a New Banking Trojan Spammed by Cutwail
http://blog.spiderlabs.com/2014/07/analysis-of-a-banking-trojan-spammed-by-cutwail.html

[漏洞分析] Python Arsenal for Reverse Engineering
http://pythonarsenal.erpscan.com/

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第18期)