SecWiki周刊（第274期)

SecWiki周刊（第274期）

2019/05/27-2019/06/02

安全资讯

[法规] 数据安全管理办法（征求意见稿）
http://www.cac.gov.cn/2019-05/28/c_1124546022.htm

安全技术

[Web安全] 一次攻防实战演习复盘总结
https://mp.weixin.qq.com/s/sfUQnFBlkRKf4uRDIVkG5Q

[漏洞分析] ApacheTomca远程执行代码（CVE-2019-0232）漏洞浅析和复现
https://mp.weixin.qq.com/s/dhry2nxTyN4C0BUeBvOdZQ

[数据挖掘] datacon比赛方向三-攻击源与攻击者分析writeup
https://github.com/ReAbout/datacon

[比赛] CTFTraining: CTF Training 经典赛题复现环境
https://github.com/CTFTraining/CTFTraining

[Web安全] 利用 JAVA 调试协议 JDWP 实现反弹 shell
https://paper.seebug.org/933/

[数据挖掘] 当安全遇上NLP
http://4o4notfound.org/index.php/archives/190/

[移动安全] 一张图片在微信中点开让苹果手机重启的简单分析
http://www.h4ck.org.cn/2019/05/%e4%b8%80%e5%bc%a0%e5%9b%be%e7%89%87%e5%9c%a8%e5%be%ae%e4%bf%a1%e4%b8%ad%e7%82%b9%e5%bc%80%e8%ae%a9%e8%8b%b9%e6%9e%9c%e6%89%8b%e6%9c%ba%e9%87%8d%e5%90%af-%e7%9a%84%e7%ae%80%e5%8d%95%e5%88%86%e6%9e%90/

[漏洞分析] Analysis of CVE-2019-0708 (BlueKeep)
https://www.malwaretech.com/2019/05/analysis-of-cve-2019-0708-bluekeep.html

[比赛] 2019 强网杯online Web Writeup
https://tttang.com/archive/1301/

[比赛] MIMIC Defense CTF 2019 final writeup
https://paper.seebug.org/932/

[其它] CTF中的隐写术总结
https://mp.weixin.qq.com/s/tAMqC8NpgkXDGAgZHtLd7A

[漏洞分析] A Debugging Primer with CVE-2019–0708
https://medium.com/@straightblast426/a-debugging-primer-with-cve-2019-0708-ccfa266682f6

[其它] 账户安全
https://bloodzer0.github.io/ossa/business/account/

[恶意分析] Threat Hunting with Jupyter Notebooks— Part 1: Your First Notebook
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-1-your-first-notebook-9a99a781fde7?gi=6e2ca22b44b7

[其它] netstat源代码调试&原理分析
https://blog.spoock.com/2019/05/26/netstat-learn/

[取证分析] 军工行业工控安全防护思路
https://mp.weixin.qq.com/s/AVRYyob-bQdRRQ8i15SK3w

[漏洞分析] InfluxDB authentication bypass 0day
https://www.komodosec.com/post/when-all-else-fails-find-a-0-day

[移动安全] iOS砸壳从入门到放弃
https://mp.weixin.qq.com/s/BnYglYcsC-X43pgHfpDXgg

[比赛] ISCC2019部分writeup
https://www.anquanke.com/post/id/179216

[恶意分析] Decryption-Tools: 勒索病毒解密工具的汇总
https://github.com/jiansiting/Decryption-Tools

[Web安全] 永久性 WMIC 事件订阅 - 权限维持(三）
https://rcoil.me/2019/05/%E6%B0%B8%E4%B9%85%E6%80%A7%20WMIC%20%E4%BA%8B%E4%BB%B6%E8%AE%A2%E9%98%85%20-%20%E6%9D%83%E9%99%90%E7%BB%B4%E6%8C%81%EF%BC%88%E4%B8%89%EF%BC%89/

[漏洞分析] netstat 源代码调试 & 原理分析
https://paper.seebug.org/934/

[漏洞分析] CVE-2018-12067及类似漏洞分析与相关思考
https://xz.aliyun.com/t/5248

[恶意分析] nansh0u-campaign-hackers-arsenal-grows-stronger
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/

[Web安全] 产品安全设计checklist
https://bloodzer0.github.io/ossa/other-security-branch/security-operation/pst/

[取证分析] 跟我一起学习玩转二维码
https://www.freebuf.com/geek/204516.html

[运维安全] 容器安全建设
https://bloodzer0.github.io/ossa/infrastructure-security/container/

[其它] 使用Gpg4Win+Outlook Express实现发送和接收加密邮件
https://www.cnblogs.com/Lyckerr/p/8624076.html

[Web安全] 某CMS组合漏洞至Getshell
https://xz.aliyun.com/t/5277

[取证分析] 应急响应处置流程Windows篇
https://www.freebuf.com/articles/network/203494.html

[Web安全] Microsoft Office - 权限维持(一)
https://rcoil.me/2019/05/Microsoft%20Office%20-%20%E6%9D%83%E9%99%90%E7%BB%B4%E6%8C%81%EF%BC%88%E4%B8%80%EF%BC%89/

[漏洞分析] Breaking Out of rkt – 3 New Unpatched CVEs
https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/

[取证分析] Diving into the Security Analyst's Mind
https://posts.specterops.io/diving-into-the-security-analysts-mind-b1708668e8d4

[运维安全] 容器安全工具
https://bloodzer0.github.io/ossa/infrastructure-security/container/tools/

[Web安全] Exploiting File Uploads Pt. 1 – MIME Sniffing to Stored XSS
https://anotherhackerblog.com/exploiting-file-uploads-pt1/

[恶意分析] HiddenWasp Malware Stings Targeted Linux Systems
https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/

[漏洞分析] Attribution is hard — at least for Dock: A Safari sandbox escape & LPE
https://phoenhex.re/2019-05-26/attribution-is-hard-at-least-for-dock

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第274期)