SecWiki周刊(第9期)
2014/04/28-2014/05/04
安全资讯
Cyber intelligence services reveal sensitive data firms are leaking online 思科ASA SSL VPN爆权限提升漏洞 一周海外安全事件回顾(20140421-0427) Skype leaves Sensitive User Data Unencrypted Locally On Computers AOL Security Update Android users targeted by over 99 percent of mobile malware One of World’s Largest Websites Hacked: Turns Visitors into “DDoS Zombies” New zero-day vulnerability identified in all versions of IE “大数据”时代考问网络安全 Apple iOS 7 Updates Silently Remove Encryption for Email Attachments Using Facebook Notes to DDoS any website
安全技术
逆向基础(一) | WooYun知识库 Decrypting IIS Passwords to Break Out of the DMZ: Part 2 Decrypting IIS Passwords to Break Out of the DMZ: Part 1 keyscan.py: looking for prime factors #QCon北京# 云计算构架案例 BYPASSING ADVANCED THREAT DETECTION SYSTEMS Reverse Engineering for Beginners book Out Of Control: Overcoming Control-Flow Integrity Laravel cookie伪造,解密,和远程命令执行 Spark at Twitter - Seattle Spark Meetup 用Google语音识别API破解reCaptcha验证码 Burp Suite使用介绍(一) Introduction to Android Malware Analysis big_data_privacy_report_may_1_2014 CVE-2013-0640 AdobeReader任意代码执行漏洞分析 New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 A Year of MongoDB The FireEye Advanced Threat Report 2013: European Edition Burp Suite使用介绍(二) Identifying Malware Traffic with Bro and (CIF) Spark Contributor陈超:深入浅出Spark Celery: Python Distributed Task Queue cve-2014-1776_sample Characterizing Privacy Leakage of Public WiFi Networks for Users on Travel 堆溢出学习笔记 #QCon北京# 知名网站案例分析 Tips for Public Speaking Lnk files in Email Malware Distribution New Flash Player 0-day (CVE-2014-0515) used in watering-hole attacks UI redress attack on live.com (affected all pages) xrop:Tool to generate ROP gadgets Bypass Win8.1 UAC源码 + 文档 APKinspector: analyze the Android applications Revisiting Mac OS X Kernel Rootkits PHP Callback Functions: Another Way to Hide Backdoors Attack of the Week: Triple Handshakes (3Shake) Hurricane Electric BGP Toolkit zabbix企业应用之服务器硬件信息监控 某众多高校邮件系统的0day挖掘思路及XSS新防御方案 可能被绕过的防御有什么用 Augmenting Vulnerability Analysis of Binary Code 详细解剖百度大脑 Best Paper Awards in Computer Science (since 1996) oclHashcat: advanced password recovery Defending Against Network-based Distributed Denial of Service Attacks [投稿]对某国的一次APT攻击过程 基于AngularJS的企业软件前端架构 CVE-2014-1776 SWF WaFFLE: Fingerprinting filter rules of WAFs LINE Storage: Storing billions of rows in Sharded-Redis and HBase per Month #QCon北京# 构建高效能团队 CVE-2014-1761_sample(pass infected) BDAS:the Berkeley Data Analytics Stack 2014年移动互联网年度报告 Q1 2014 Mobile Threat Report 小米自动化运维实践 qcon 2014 Beijing Joomla Plugin Constructor Backdoor Exploit: McAfee ePolicy 0wner (ePowner) v0.1 SimpleSAMLphp:native PHP that deals with authentication Snoopy: A distributed tracking and profiling framework 那些年,那些 Apache Struts2 的漏洞 Wiley.Data Driven Security.Analysis.Visualization and Dashboards.2014 #QCon北京# 推荐系统工程实践 对sfgg所有博客的数据统计 python的分布式任务并行处理框架Jug简单使用-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第9期)