【知识】4月7日 - 每日安全知识热点

360安全客 安全资讯 64935 4

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:Java AMF3 反序列化漏洞分析用程序特征的统计学习来检测ROPQNAP QTS 多个RCE漏洞Android代码混淆技术总结一键无文件感染Windows管理规范(WMI)利用如何修复使用NOP指令抹去关键方法的DEX文件

国内热词(以下内容部分摘自http://www.solidot.org/):

微软披露 Windows 10 收集的数据细节

恶意 Wi-Fi 网络能劫持 Android 设备

台湾的白帽黑客

资讯类:

Scottrade银行确认泄漏20,000用户记录和60GB MSSQL信息

http://securityaffairs.co/wordpress/57773/data-breach/scottrade-bank-data-leak.html

技术类:

Java AMF3 反序列化漏洞分析

http://bobao.360.cn/learning/detail/3705.html

用程序特征的统计学习来检测ROP

https://blog.acolyer.org/2017/04/06/detecting-rop-with-statistical-learning-of-program-characteristics/

Evilginx – 具有双因素身份验证的高级网络钓鱼

https://breakdev.org/evilginx-advanced-phishing-with-two-factor-authentication-bypass/

XSA-212:Critical Xen bug in PV memory virtualization code

https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-029-2017.txt

QNAP QTS 多个RCE漏洞

https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt

BrickerBot – PDoS的发现和分析

https://security.radware.com/ddos-threats-attacks/brickerbot-pdos-permanent-denial-of-service/

通过云端服务渗透的apt活动

http://jblog.javelin-networks.com/blog/operation-cloud-hopper-apt10/ 

https://www.pwc.co.uk/cyber-security/pdf/cloud-hopper-report-final-v4.pdf

微软edge:检测已安装的扩展

https://www.brokenbrowser.com/microsoft-edge-detecting-installed-extensions/

我是如何通过命令注入黑掉智能电视

https://www.netsparker.com/blog/web-security/hacking-smart-tv-command-injection/

网络间谍活动成为全球贸易的核心

https://www.fidelissecurity.com/TradeSecret

推荐一个实时收集req请求包的网站

http://requestb.in

Android代码混淆技术总结(一)

http://bobao.360.cn/learning/detail/3704.html

一键无文件感染

http://paper.seebug.org/265/

bash指南

https://github.com/Idnan/bash-guide

比较老的两个有关sql注入的paper

https://www.nds.rub.de/media/hfs/attachments/files/2010/03/hackpra09_kornburst_advanced_sql_injection.pdf

https://crypto.stanford.edu/cs142/lectures/16-sql-inj.pdf

如何修复使用NOP指令抹去关键方法的DEX文件

http://blog.fortinet.com/2017/04/05/how-to-repair-a-dex-file-in-which-some-key-methods-are-erased-with-nops

从 Android Native代码中创建一个java 虚拟机

https://calebfenton.github.io/2017/04/05/creating_java_vm_from_android_native_code/

利用Java Struts2漏洞安装勒索软件

https://isc.sans.edu/diary.html

Windows管理规范(WMI)利用

https://blog.netspi.com/getting-started-wmi-weaponization-part-1/ 

https://blog.netspi.com/getting-started-wmi-weaponization-part-2/

Diamond Fox恶意软件分析

https://blog.malwarebytes.com/threat-analysis/2017/03/diamond-fox-p1/ 

https://blog.malwarebytes.com/threat-analysis/2017/04/diamond-fox-p2/

Windows 10 x64 – Egghunter Shellcode

https://www.exploit-db.com/exploits/41827/

Drupal 7.x Service模块SQLi & RCE 漏洞分析及EXP

https://xianzhi.aliyun.com/forum/read/1472.html

(完)