SecWiki周刊(第245期)
2018/11/05-2018/11/11
安全资讯
[其它]  台男子钻银行系统漏洞狂刷6300万新台币 银行被罚
https://nosec.org/home/detail/1947.html
[其它]  年度最佳钓鱼高手 Elon Musk 比特币钓鱼 日获28 BTC
https://nosec.org/home/detail/1939.html
[文档]  卡巴斯基2018年第三季度DDoS攻击报告
https://mp.weixin.qq.com/s/_uI51cd_D2WBe0_0BqPRNA
[其它]  Shellbot僵尸网络:目标物联网设备和Linux服务器
https://nosec.org/home/detail/1937.html
[漏洞分析]  印象笔记曝出存储XSS漏洞,可导致命令执行和文件读取
https://nosec.org/home/detail/1948.html
[设备安全]  大疆无人机曝数据泄露漏洞
https://nosec.org/home/detail/1951.html
[事件]  美国运通近70万条印度客户明文数据泄露
https://nosec.org/home/detail/1952.html
安全技术
[会议]  CCS 2018 会议小记 (一)
https://mp.weixin.qq.com/s/FYZSZGGHgNxaWPPGgp9vKA
[恶意分析]  APT37 移动武器库KevDroid在中国境内攻击行动披露 -- PART 1
https://cert.360.cn/warning/detail?id=164208b67b44a5ffa195d574d9c3a205
[Web安全]  A platform to provide challenge for CTFer
https://github.com/CTFTraining
[运维安全]  人生苦短,我用Wazuh
https://mp.weixin.qq.com/s/qTpLjhbl4gpOTncvdMVOHw
[其它]  Decrypting Traffic in Wireshark
https://hatsoffsecurity.com/2018/10/30/decrypting-traffic-in-wireshark/
[Web安全]  Security Bugs in Practice: SSRF via Request Splitting
https://www.rfk.id.au/blog/entry/security-bugs-ssrf-via-request-splitting/
[漏洞分析]  BFuzz: Chrome 和 Firefox 浏览器的 fuzz 工具
https://github.com/RootUp/BFuzz
[其它]  Identifying Sites in Encrypted Traffic
https://hatsoffsecurity.com/2018/10/29/id-site-from-ssl/
[漏洞分析]  Gogs 远程命令执行漏洞分析
https://www.anquanke.com/post/id/163575
[Web安全]  宝塔面板6.x版本前台存储xss+后台csrf组合拳getshell
https://nosec.org/home/detail/1946.html
[漏洞分析]  从ChimayRed漏洞看不同架构下的栈溢出利用实践
https://mp.weixin.qq.com/s/q1zHgQ864u4t9QlzSIzoZw
[Web安全]  Cobaltstrike Over External C2 via Dropbox
https://truneski.github.io/blog/2018/11/05/cobaltstrike-over-external-c2-via-dropbox/
[无线安全]  如何通过中间人攻击嗅探SIM卡的流量通信
https://www.freebuf.com/articles/wireless/188383.html
[恶意分析]  开源Botnet框架Byob分析
https://www.freebuf.com/sectool/187819.html?from=timeline
[运维安全]  深度解读零信任身份安全专栏
https://www.secrss.com/specials/ed13a8905f42b1d7
[取证分析]  Suricata规则介绍、以及使用suricata-update做规则管理
https://zhuanlan.zhihu.com/p/36340468
[恶意分析]  Linux下的Rootkit驻留技术分析
http://blog.topsec.com.cn/ad_lab/linux%e4%b8%8b%e7%9a%84rootkit%e9%a9%bb%e7%95%99%e6%8a%80%e6%9c%af%e5%88%86%e6%9e%90/
[Web安全]  Nuxeo RCE漏洞分析
http://www.polaris-lab.com/index.php/archives/613/
[漏洞分析]  最新VirtualBox 0day漏洞公开
https://nosec.org/home/detail/1950.html
[运维安全]  浅谈大型互联网的企业入侵检测及防护策略
https://mp.weixin.qq.com/s/1Iry620hCkJ8sHA626T3Dg
[设备安全]  固态硬盘被发现硬盘加密绕过漏洞
https://nosec.org/home/detail/1938.html
[Web安全]  挖洞姿势-Jsonp劫持
http://www.fr1sh.com/?post=20
[取证分析]  LogonTracer:可视化事件日志识别被攻击账户
https://www.freebuf.com/sectool/180895.html
[其它]  CTF老赛棍退休简述
https://www.virzz.com/2018/04/20/the_retire_sketch_by_old_ctfer.html
[漏洞分析]  Intro to Binary Analysis with Z3 and Angr
https://labs.mwrinfosecurity.com/publications/intro-to-binary-analysis-with-z3-and-angr
[Web安全]  PHP伪协议相关
https://zhuanlan.zhihu.com/p/49206578
[恶意分析]  勒索软件解密工具大全
http://www.mottoin.com/tools/96226.html
[其它]  .hta文件的后渗透利用(绕过PowerShell的限制模式)
https://nosec.org/home/detail/1949.html
[Web安全]  渗透基础—端口转发与代理
https://3gstudent.github.io/%E6%B8%97%E9%80%8F%E5%9F%BA%E7%A1%80-%E7%AB%AF%E5%8F%A3%E8%BD%AC%E5%8F%91%E4%B8%8E%E4%BB%A3%E7%90%86/
[比赛]  Google的CTF源码及解答
https://github.com/google/google-ctf/tree/master/2018/finals
[取证分析]  Forensic Analysis Of The μTorrent Peer-to-Peer Client In Windows
https://articles.forensicfocus.com/2018/11/02/forensic-analysis-of-the-%CE%BCtorrent-peer-to-peer-client-in-windows/
[数据挖掘]  闲扯基于图的数据关联分析
https://mp.weixin.qq.com/s/fD95ohJBE_YNcnlZMuXFHA
[数据挖掘]  用神经推理来帮助命名实体识别
https://mp.weixin.qq.com/s/4qHgIcq9YJTj1iGh7kLB4w
[恶意分析]  隧道技术之DNS和ICMP与其检测防御
https://www.anquanke.com/post/id/163240
[设备安全]  西门子通信协议S7COMM(Part 1)
https://www.freebuf.com/articles/ics-articles/188159.html
[漏洞分析]  一个利用姿势清奇的11882格式溢出文档的分析
https://www.anquanke.com/post/id/163855
[恶意分析]  carbon-black-quarterly-incident-response-threat-report-november-2018
https://www.carbonblack.com/wp-content/uploads/2018/10/carbon-black-quarterly-incident-response-threat-report-november-2018.pdf
[文档]  common-windows-misconfigurations-scheduled-tasks
https://amonsec.net/windows-security/2018/common-windows-misconfigurations-scheduled-tasks
[取证分析]  gshark: Scan for sensitive information in Github easily and effectively
https://github.com/neal1991/gshark
[数据挖掘]  50个最佳机器学习公共数据集
https://mp.weixin.qq.com/s/4jhtCUtv_szfMvyDCWKvoQ
[漏洞分析]  A new Control Flow Graph based heuristic for Diaphora
http://joxeankoret.com/blog/2018/11/04/new-cfg-based-heuristic-diaphora/
[数据挖掘]  如何解决机器学习和安全运营之间的不匹配问题
http://www.4hou.com/technology/14382.html
[Web安全]  最新微软Edge浏览器RCE 0day即将放出
https://nosec.org/home/detail/1935.html
[恶意分析]  2018年上半年物联网恶意活动&僵尸网络数据摘要
https://www.freebuf.com/news/188339.html
[Web安全]  SQLMap Insert注入踩坑记
https://www.freebuf.com/articles/web/188402.html
[取证分析]  Shodan能力分析(二)
https://mp.weixin.qq.com/s/CVI_FbQ_Yo_FvYm7CuJzOQ
[取证分析]  戏说美国情报江湖(一)
https://mp.weixin.qq.com/s/JA1sXtwuiTv3onzHiKG6dg
[恶意分析]  Triton针对工业系统的形势分析以及检测手段
https://mp.weixin.qq.com/s/Nel6neXIHw5yXOsNzihQLA
[数据挖掘]   知识图谱的建模方法及其应用
https://mp.weixin.qq.com/s/u7mvxrvudKmjX4KeGtBiWA
[取证分析]  T级攻击态势下解析DDOS高防IP系统架构
https://www.freebuf.com/articles/network/188199.html
[取证分析]  Stucco-A Cyber Intelligence Platform
https://stucco.github.io/
[杂志]  SecWiki周刊(第244期)
https://www.sec-wiki.com/weekly/244
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第245期)