[Knowledge] March 8 - Daily Security Knowledge Highlights


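Highlights summary: [Download] WikiLeaks releases the torrent file for its collection of material on the CIA's global covert hacking program; several good analyses of the s2-045 vulnerability; some research on the Kerberos authentication protocol; Art of Anti Detection part 3: Shellcode Alchemy; attacking SSO: finding common SAML vulnerabilities; UEFI ransomware revealed; two different executable exe files on Windows with the same SHA-1 and MD5 values; HEVD kernel exploitation training: SMEP bypass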

Trending terms in China:


s2-045 vulnerability outbreak

WikiLeaks exposes the US CIA's cyber hacking program

News:


WikiLeaks publishes documents detailing the CIA's hacking tools and their capabilities

http://thehackernews.com/2017/03/wikileaks-cia-hacking-tool.html

Technical:


[Download] WikiLeaks releases the torrent file for its collection of material on the CIA's global covert hacking program

https://file.wikileaks.org/torrent/WikiLeaks-Year-Zero-2017-v1.7z.torrent

pass:SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds


Several good analyses of the s2-045 vulnerability

http://blog.csdn.net/u011721501/article/details/60768657 

http://paper.seebug.org/241/ 

https://qy.weixin.qq.com/cgi-bin/wap_getnewsmsg?action=get&__biz=MzI2NDM1NTI3Mw==&mixuin=MjU2NDEyMTY4NDY5NDQ4MTg1Nw==&mid=10000261&idx=1&sn=400b1f9b0636e61e56ec034d52271c7a&scene=1&pass_ticket=VazK%2BgPUh28FlVa02Z%2Fry9%2FRiOhOEXrzAKYtdeGyxmU%3D 

https://mp.weixin.qq.com/s?__biz=MzIwMDk0MjcwNA==&mid=2247484011&idx=1&sn=839b02208417809f21f30c7b18b90abb&chksm=96f43774a183be620d82ffc02623da769e84e7ecd5c4778306e5263aec22c4e0cf01ed301503&mpshare=1&scene=1&srcid=0308NyAvczyTUzd7sY2Gewrq&pass_ticket=VazK%2BgPUh28FlVa02Z%2Fry9%2FRiOhOEXrzAKYtdeGyxmU%3D#rd

Videos and papers from the enigma2017 conference talks

https://www.usenix.org/conference/enigma2017/conference-program

Some research on the Kerberos authentication protocol

https://www.coresecurity.com/blog/kerberos-delegation-spns-and-more

An analysis of JavaScript libraries in use on the web finds a large number of vulnerable versions

https://blog.acolyer.org/2017/03/07/thou-shalt-not-depend-on-me-analysing-the-use-of-outdated-javascript-libraries-on-the-web/

Art of Anti Detection part 3: Shellcode Alchemy

https://pentest.blog/art-of-anti-detection-3-shellcode-alchemy/

How to securely sign .NET programs

https://lowleveldesign.org/2017/03/07/how-to-securely-sign-dotnet-assemblies/

Windows kernel denial of service #3: nt!NtDuplicateToken (Windows 7-8)

http://j00ru.vexillium.org/?p=3187

Attacking SSO: finding common SAML vulnerabilities

https://blog.netspi.com/attacking-sso-common-saml-vulnerabilities-ways-find/

Analysis of the attack on US electronic payments giant Verifone

https://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/

Manually removing the TORRENTLOCKER (CRYPT0L0KER) malware and the encrypted .ENC files

http://bestsecuritysearch.com/remove-torrentlocker-enc-files/

Research on proactive response and detection mechanisms for TOR

https://www.researchgate.net/profile/Justin_David_Pineda/publication/309533083_Proactive_Response_and_Detection_of_TOR_Anonymizers_through_Signature_and_Heuristic-based_Mechanisms/links/5814cf3108aeb720f684985e/Proactive-Response-and-Detection-of-TOR-Anonymizers-through-Signature-and-Heuristic-based-Mechanisms.pdf

UEFI ransomware revealed

https://www.cylance.com/en_us/blog/uefi-ransomware-full-disclosure-at-black-hat-asia.html

Technical analysis report on Shamoon2.0 and StoneDrill

https://securelist.com/files/2017/03/Report_Shamoon_StoneDrill_final.pdf

Two different executable exe files on Windows with the same SHA-1 and MD5 values

https://roastingbugs.blogspot.in/2017/03/eat-more-hashes.html

Lateral movement with PSExec in penetration testing

https://www.toshellandback.com/2017/02/11/psexec/

Developing an anomaly-based web application firewall

https://github.com/matthiasmaes/AnomalyWebApplicationFirewall

HEVD kernel exploitation training: SMEP bypass

http://bobao.360.cn/learning/detail/3570.html
