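Highlights: building a local passiveDNS for malware incident response; how to protect exploits: detecting PageHeap; Netcat tips for penetration testing; how to find vulnerabilities that bypass CFG; Pwn2Own 2017: UAF in JSC::CachedCall (WebKit)
News:
Google Docs phishing attack affected 1 million Gmail users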
https://threatpost.com/1-million-gmail-users-impacted-by-google-docs-phishing-attack/125436/
Technical:
An APT case involving Meterpreter and a Windows proxy
https://medium.com/@br4nsh/a-meterpreter-and-windows-proxy-case-4af2b866f4a1
Analysis of the Bondnet botnet
https://www.guardicore.com/2017/05/the-bondnet-army/
Vulnerability analysis of SAML
https://medium.com/@FreedomCoder/following-the-white-rabbit-5e392e3f6fb9
How to protect exploits: detecting PageHeap
http://snf.github.io/2017/05/04/exploit-protection-i-page-heap/
Building a local passiveDNS for malware incident response
Tips for exploiting XXE vulnerabilities
http://www.blackhillsinfosec.com/?p=5886
Three images that illustrate the differences between HTTP and HTTP/2
https://twitter.com/kosamari/status/859958929484337152/
Netcat tips for penetration testing
http://www.hackingtutorials.org/networking/hacking-with-netcat-part-1-the-basics/
http://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
http://www.hackingtutorials.org/networking/hacking-with-netcat-part-3-advanced-techniques/
Dridex and Locky malware spread via PDF attachments
https://www.fireeye.com/blog/threat-research/2017/05/dridex_and_lockyret.html
Pwn2Own 2017: UAF in JSC::CachedCall (WebKit)
https://phoenhex.re/2017-05-04/pwn2own17-cachedcall-uaf
Research on Docker Hub security vulnerabilities
http://dl.acm.org/citation.cfm?doid=3029806.3029832
Windows Defender ATP blocked the WilySupply software attack
macOS phishing: the dangers of AppleScript
https://duo.com/blog/the-macos-phishing-easy-button-applescript-dangers
What searching for FMV through Shodan revealed
http://blog.networkedinference.com/2017/05/ranger-and-bonker-predator-drones.html
How to find vulnerabilities that bypass CFG
Original: Bluetooth app vulnerability analysis series, part 1: CVE-2017-0601