SecWiki周刊(第52期)
2015/02/23-2015/03/01
安全资讯
Facebook security chap finds 10 Superfish sub-species
http://www.theregister.co.uk/2015/02/23/facebook_security_chap_finds_10_superfish_subspecies/
http://www.theregister.co.uk/2015/02/23/facebook_security_chap_finds_10_superfish_subspecies/
2015年漏洞奖励计划大盘点
http://www.aqniu.com/news/6677.html
http://www.aqniu.com/news/6677.html
the alleged hacking of SIM card encryption keys
http://www.gemalto.com/press/Pages/Gemalto-presents-the-findings-of-its-investigations-into-the-alleged-hacking-of-SIM-card-encryption-keys.aspx
http://www.gemalto.com/press/Pages/Gemalto-presents-the-findings-of-its-investigations-into-the-alleged-hacking-of-SIM-card-encryption-keys.aspx
Most vulnerable operating systems and applications in 2014
http://www.gfi.com/blog/most-vulnerable-operating-systems-and-applications-in-2014/
http://www.gfi.com/blog/most-vulnerable-operating-systems-and-applications-in-2014/
安全技术
WiFi万能钥匙蹭网原理详细剖析
http://drops.wooyun.org/papers/4976
http://drops.wooyun.org/papers/4976
An Exploration of ARM TrustZone Technology
http://genode.org/documentation/articles/trustzone
http://genode.org/documentation/articles/trustzone
Extend Sulo to find the CVE of Flash exploits
https://hiddencodes.wordpress.com/2015/02/25/extend-sulo-to-find-the-cve-of-flash-exploits/
https://hiddencodes.wordpress.com/2015/02/25/extend-sulo-to-find-the-cve-of-flash-exploits/
More than 1Million WordPress sites vulnerable to blind SQL InjSecurity Affairs
http://securityaffairs.co/wordpress/34144/hacking/1-million-wordpress-websites-vulnerable.html
http://securityaffairs.co/wordpress/34144/hacking/1-million-wordpress-websites-vulnerable.html
dnstest – Monitor Your DNS for Hijacking
http://blog.whitehatsec.com/dnstest-monitor-your-dns-for-hijacking/
http://blog.whitehatsec.com/dnstest-monitor-your-dns-for-hijacking/
Writing your own Analyzer for the Open-Source Multi-Scanner IRMA
http://blog.quarkslab.com/writing-our-own-analyzer-for-the-open-source-multi-scanner-irma.html
http://blog.quarkslab.com/writing-our-own-analyzer-for-the-open-source-multi-scanner-irma.html
mhn:Modern Honey Network
http://threatstream.github.io/mhn/
http://threatstream.github.io/mhn/
HackLu2014 Oreo Writeup
https://blog.leoc.io/blog/20141030/hacklu2014-oreo-writeup/
https://blog.leoc.io/blog/20141030/hacklu2014-oreo-writeup/
Kizzle: A Signature Compiler for Exploit Kits
http://research.microsoft.com/pubs/240495/tr.pdf
http://research.microsoft.com/pubs/240495/tr.pdf
在非越狱的iPhone 6 (iOS 8.1.3) 上进行钓鱼攻击 (盗取App Store密码)
http://drops.wooyun.org/tips/4998
http://drops.wooyun.org/tips/4998
Use After Free Vulnerability in unserialize() with DateTime[CVE-2015-0273]
https://github.com/80vul/phpcodz/blob/master/research/pch-020.md
https://github.com/80vul/phpcodz/blob/master/research/pch-020.md
How to Use Docker on OS X: The Missing Guide
http://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide
http://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide
Application_Usage_Threat_Report_2014
http://vdisk.weibo.com/s/yUSwk86KiapUU/1424702372
http://vdisk.weibo.com/s/yUSwk86KiapUU/1424702372
安全专题
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第52期)
