SecWiki周刊(第272期)
2019/05/13-2019/05/19
安全资讯
推荐几个优质开源情报分析源
https://mp.weixin.qq.com/s/xegDRXu9A0YMx3v8_E86Ow
https://mp.weixin.qq.com/s/xegDRXu9A0YMx3v8_E86Ow
CVE-2019-0708 | 远程桌面服务远程执行代码漏洞
https://nosec.org/home/detail/2635.html
https://nosec.org/home/detail/2635.html
俄罗斯政府网站被爆泄露225万用户社保和护照等信息
https://nosec.org/home/detail/2649.html
https://nosec.org/home/detail/2649.html
美海军陆战队招募志愿者组建平民网络安全小组
https://www.cnbeta.com/articles/tech/848027.htm
https://www.cnbeta.com/articles/tech/848027.htm
国内外网络战争现场报告平台
https://mp.weixin.qq.com/s/QaYPI8z4bXLUChuOrNxC-A
https://mp.weixin.qq.com/s/QaYPI8z4bXLUChuOrNxC-A
网络存证未获取法院支持判决书全文
https://mp.weixin.qq.com/s/dqXA8KT_zFJWEx39RGd9Qg
https://mp.weixin.qq.com/s/dqXA8KT_zFJWEx39RGd9Qg
安全技术
GeoServer漏洞利用总结及案例参考
https://mp.weixin.qq.com/s/lz5cAvLbYIdAQ3aRiiseYg
https://mp.weixin.qq.com/s/lz5cAvLbYIdAQ3aRiiseYg
基于设备指纹的风控建模以及机器学习的尝试
https://mp.weixin.qq.com/s/iifhFE8S_3E5d5MvGRbVow
https://mp.weixin.qq.com/s/iifhFE8S_3E5d5MvGRbVow
DNS Cache-Based User Tracking
https://mp.weixin.qq.com/s/cSjoVgxjOAuIUlewX9iIoA
https://mp.weixin.qq.com/s/cSjoVgxjOAuIUlewX9iIoA
基于攻击链的网络威胁捕猎架构设计
https://book.yunzhan365.com/dksd/oyru/mobile/index.html
https://book.yunzhan365.com/dksd/oyru/mobile/index.html
浅谈威胁诱捕技术在网络安全保障与蓝队防御过程中的重要应用
http://plcscan.org/blog/2019/05/application-of-threat-trap-in-red-and-blue-teams/
http://plcscan.org/blog/2019/05/application-of-threat-trap-in-red-and-blue-teams/
基于小样本学习的意图识别冷启动
https://mp.weixin.qq.com/s/FLXeHnLo03r-8qfUX48VHw
https://mp.weixin.qq.com/s/FLXeHnLo03r-8qfUX48VHw
企业内网之网络管控or自动科学上网
https://www.aqniu.com/vendor/47664.html
https://www.aqniu.com/vendor/47664.html
现代办公网安全体系建设系列之一:统一化新型认证体系探索
https://blog.flanker017.me/a-new-approach-to-modern-office-network-security-series-1/
https://blog.flanker017.me/a-new-approach-to-modern-office-network-security-series-1/
如何利用开源风控系统(星云)防止撞库
https://mp.weixin.qq.com/s/r7EY1zcydTmaaEY91H1m5A
https://mp.weixin.qq.com/s/r7EY1zcydTmaaEY91H1m5A
w12scan: 网络资产发现引擎
https://github.com/w-digital-scanner/w12scan
https://github.com/w-digital-scanner/w12scan
采用弱监督算法给大规模数据集打标签
https://www.infoq.cn/article/Gu-zjXGiWA85lQH7eCca
https://www.infoq.cn/article/Gu-zjXGiWA85lQH7eCca
Arbitrary file read vulnerability in Hackerrank
https://blog.cystack.net/arbitrary-file-read-vulnerability-in-hackerrank/
https://blog.cystack.net/arbitrary-file-read-vulnerability-in-hackerrank/
Cisco RV320、RV325未授权远程代码执行漏洞分析及建议
https://www.freebuf.com/vuls/202814.html
https://www.freebuf.com/vuls/202814.html
工控安全从入门到实战——概述(一)
https://www.anquanke.com/post/id/178265
https://www.anquanke.com/post/id/178265
webshell免杀套路
https://nosec.org/home/detail/2574.html
https://nosec.org/home/detail/2574.html
DDCTF2019官方Write Up——Web篇
https://www.anquanke.com/post/id/178434
https://www.anquanke.com/post/id/178434
EXPLOITING 10,000+ DEVICES USED BY BRITAIN’S MOST VULNERABLE
https://fidusinfosec.com/exploiting-10000-devices-used-by-britains-most-vulnerable/
https://fidusinfosec.com/exploiting-10000-devices-used-by-britains-most-vulnerable/
一次综合渗透测试
https://xz.aliyun.com/t/5128
https://xz.aliyun.com/t/5128
SecWiki周刊(第271期)
https://www.sec-wiki.com/weekly/271
https://www.sec-wiki.com/weekly/271
Powershell攻击指南黑客后渗透之道系列—基础篇
https://mp.weixin.qq.com/s/8UuCC76DHYOuAtpF5MiOQg
https://mp.weixin.qq.com/s/8UuCC76DHYOuAtpF5MiOQg
利用PHP应用程序中的远程文件包含(RFI)并绕过远程URL包含限制
https://nosec.org/home/detail/2640.html
https://nosec.org/home/detail/2640.html
FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/
https://securelist.com/fin7-5-the-infamous-cybercrime-rig-fin7-continues-its-activities/90703/
APT34 Glimpse&PoisonFrog 项目分析
http://blog.nsfocus.net/apt34-glimpsepoisonfrog/
http://blog.nsfocus.net/apt34-glimpsepoisonfrog/
Web指纹识别技术研究与优化实现
https://mp.weixin.qq.com/s/v92dLQSgLXv7JVkc8AUyvA
https://mp.weixin.qq.com/s/v92dLQSgLXv7JVkc8AUyvA
DDCTF2019官方Write Up——Reverse篇
https://www.anquanke.com/post/id/178414
https://www.anquanke.com/post/id/178414
CVE-2019-3568: WhatsApp 0 day漏洞分析
https://mp.weixin.qq.com/s/NC9bSf1QGXugPBPYVgaEsQ
https://mp.weixin.qq.com/s/NC9bSf1QGXugPBPYVgaEsQ
Exploiting CVE-2018-1335: Command Injection in Apache Tika
https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
国家网络安全能力成熟度模型(一)
https://www.freebuf.com/articles/es/202351.html
https://www.freebuf.com/articles/es/202351.html
恶意软件训练集:FollowUP
https://nosec.org/home/detail/2638.html
https://nosec.org/home/detail/2638.html
Decrypting Eazfuscator.NET encrypted symbol names
https://blog.silentsignal.eu/2019/05/10/decrypting-eazfuscator-net-encrypted-symbol-names/
https://blog.silentsignal.eu/2019/05/10/decrypting-eazfuscator-net-encrypted-symbol-names/
知往鉴今:Chromium近三年UXSS漏洞分析及缓解、预防和检测措施
https://www.4hou.com/vulnerable/17663.html
https://www.4hou.com/vulnerable/17663.html
DHCP security in Windows 10: analyzing critical vulnerability CVE-2019-0726
http://blog.ptsecurity.com/2019/05/dhcp-security-in-windows-10-analyzing.html
http://blog.ptsecurity.com/2019/05/dhcp-security-in-windows-10-analyzing.html
DDCTF2019官方Write Up——Android篇
https://www.anquanke.com/post/id/178383
https://www.anquanke.com/post/id/178383
DDCTF2019官方Write Up——MISC篇
https://www.anquanke.com/post/id/178392
https://www.anquanke.com/post/id/178392
2018年网站攻击态势及“攻击团伙”挖掘分析报告
https://www.anquanke.com/post/id/178158
https://www.anquanke.com/post/id/178158
如何构建公有云DDoS溯源系统
https://www.4hou.com/system/18029.html
https://www.4hou.com/system/18029.html
工控安全从入门到实战——概述(二)
https://www.anquanke.com/post/id/178425
https://www.anquanke.com/post/id/178425
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第272期)
