SecWiki周刊(第415期)
2022/02/07-2022/02/13
安全资讯
浙江省通报5起违反保密法律法规典型案例
https://zjnews.zjol.com.cn/202202/t20220208_23764644.shtml
https://zjnews.zjol.com.cn/202202/t20220208_23764644.shtml
安全技术
PendingIntent重定向:一种针对安卓系统和流行App的通用提权方法
https://mp.weixin.qq.com/s/lB3yV1-VE3X-CmqN2T5KCw
https://mp.weixin.qq.com/s/lB3yV1-VE3X-CmqN2T5KCw
解构开源IAST 打造安全灰盒利器
https://mp.weixin.qq.com/s/qyii_dLzUnZlfCIGZPOthA
https://mp.weixin.qq.com/s/qyii_dLzUnZlfCIGZPOthA
企业面对APT化攻击的防御困境
https://mp.weixin.qq.com/s/aKkvxnZJqrlyzWeMrx3JCA
https://mp.weixin.qq.com/s/aKkvxnZJqrlyzWeMrx3JCA
利用RITA检测beacon通信
https://www.anquanke.com/post/id/266379
https://www.anquanke.com/post/id/266379
开源软件包与软件供应链安全漏洞修复分析研究
https://mp.weixin.qq.com/s/KrmzMMDUPUG7qolPPi8SSg
https://mp.weixin.qq.com/s/KrmzMMDUPUG7qolPPi8SSg
2022勒索软件和恶意软件报告
https://mp.weixin.qq.com/s/-rOO-l3YLypga_he_cTdow
https://mp.weixin.qq.com/s/-rOO-l3YLypga_he_cTdow
A Tale of DOM-based XSS!
https://payatu.com/blog/anubhav.singh/dom-based-xss
https://payatu.com/blog/anubhav.singh/dom-based-xss
CobaltStrike 区块链网络上线方式及检测
https://mp.weixin.qq.com/s/Vrd8hWgPnK1bh1Ggj33NtQ
https://mp.weixin.qq.com/s/Vrd8hWgPnK1bh1Ggj33NtQ
ML-DOCTOR:对机器学习模型推理攻击的全局性研究
https://mp.weixin.qq.com/s/B0_nPJkbSLRO7xyeHnA3OQ
https://mp.weixin.qq.com/s/B0_nPJkbSLRO7xyeHnA3OQ
CVE-2021-33742:Internet Explorer MSHTML堆越界写漏洞分析
https://www.anquanke.com/post/id/266935
https://www.anquanke.com/post/id/266935
侠盗猎车 -- 玩转滚动码(中)
https://bbs.pediy.com/thread-271406.htm
https://bbs.pediy.com/thread-271406.htm
Top 10 web hacking techniques of 2021
https://portswigger.net/research/top-10-web-hacking-techniques-of-2021
https://portswigger.net/research/top-10-web-hacking-techniques-of-2021
[HTB] Love Writeup
https://mp.weixin.qq.com/s/3xZKlWMdUiWNCkhaXn7-4g
https://mp.weixin.qq.com/s/3xZKlWMdUiWNCkhaXn7-4g
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第415期)
