SecWiki周刊(第417期)
2022/02/21-2022/02/27
安全技术
PAM 2022 论文录用列表
https://mp.weixin.qq.com/s/WQbYA0mXF7UEi_r-YxIyYQ
https://mp.weixin.qq.com/s/WQbYA0mXF7UEi_r-YxIyYQ
Bvp47 美国NSA方程式的顶级后门 技术细节
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.zh-cn.pdf
https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.zh-cn.pdf
自定义AWVS的Docker镜像
https://mp.weixin.qq.com/s/uwTUzinq1v9U7moqfatVOA
https://mp.weixin.qq.com/s/uwTUzinq1v9U7moqfatVOA
SecCrawler: 每日安全日报的爬虫和推送程序
https://github.com/Le0nsec/SecCrawler
https://github.com/Le0nsec/SecCrawler
路由器TP-Link WR740后门漏洞
https://mp.weixin.qq.com/s/SWFLV6H1zKWQyvnC0JGGhg
https://mp.weixin.qq.com/s/SWFLV6H1zKWQyvnC0JGGhg
cheatsheet: 信安技术羊皮卷
https://github.com/LubyRuffy/cheatsheet
https://github.com/LubyRuffy/cheatsheet
漏洞可用性交流(VEX)介绍
https://mp.weixin.qq.com/s/pt6j8RNowbkbEBir0nygaQ
https://mp.weixin.qq.com/s/pt6j8RNowbkbEBir0nygaQ
基于BERT的Web服务政策合规性衡量方法
https://mp.weixin.qq.com/s/a7k232Jduo6WMaa-32arYA
https://mp.weixin.qq.com/s/a7k232Jduo6WMaa-32arYA
CodeQL 与 Shiro550 碰撞
https://paper.seebug.org/1839/
https://paper.seebug.org/1839/
移动互联网应用供应链(SDK)行为安全性现状研究报告
https://mp.weixin.qq.com/s/gdDC9w6bh3jS-tkWJL8qnw
https://mp.weixin.qq.com/s/gdDC9w6bh3jS-tkWJL8qnw
Xloader 是如何进行加密 C&C 通信的?
https://mp.weixin.qq.com/s/tuOcuq9exms82dvAunzrGg
https://mp.weixin.qq.com/s/tuOcuq9exms82dvAunzrGg
设备指纹技术介绍与综述(一)
https://mp.weixin.qq.com/s/bVvhXu7WHNkBzY1mB7SacQ
https://mp.weixin.qq.com/s/bVvhXu7WHNkBzY1mB7SacQ
Parallels Desktop虚拟机逃逸
https://dawnslab.jd.com/pd-exploit-blog1/
https://dawnslab.jd.com/pd-exploit-blog1/
针对Cookie同意和 GDPR 违规的自动化检测工具
https://www.anquanke.com/post/id/267338
https://www.anquanke.com/post/id/267338
基于机器学习的安全数据集总结
https://mp.weixin.qq.com/s/s4ieR17-sisJFwl4j2_v0A
https://mp.weixin.qq.com/s/s4ieR17-sisJFwl4j2_v0A
SecWiki周刊(第416期)
https://www.sec-wiki.com/weekly/416
https://www.sec-wiki.com/weekly/416
针对AD CS中ESC7的滥用
https://mp.weixin.qq.com/s/TqW3ONBdcUFijg4keSiO1g
https://mp.weixin.qq.com/s/TqW3ONBdcUFijg4keSiO1g
Leveraging machine learning to find security vulnerabilities
https://github.blog/2022-02-17-leveraging-machine-learning-find-security-vulnerabilities/
https://github.blog/2022-02-17-leveraging-machine-learning-find-security-vulnerabilities/
LastPyMile - 甄别软件包源代码和发布版代码的差异性
https://mp.weixin.qq.com/s/W1_WYAJbfsMWIOVpgqb_NQ
https://mp.weixin.qq.com/s/W1_WYAJbfsMWIOVpgqb_NQ
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第417期)
