【知识】4月11日 - 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:CVE-2017-3881:思科Catalyst 交换机RCE使用Windows 10安全功能来缓解威胁Facebook 的一个有趣的CSRF关于Windows Uniscribe Fuzzing实战栈溢出:三个漏洞搞定一台路由器ApiScout:Windows API 信息恢复利用IPv6绕过IDS检测

国内热词(以下内容部分摘自http://www.solidot.org/):


黑客如何接管银行的所有在线业务

柯洁将在 5 月 23 日挑战 AlphaGo

黑客激活达拉斯的紧急警报系统

资讯类:


达拉斯官员指责黑客在上周六早晨在整个城市发出紧急警报

https://www.dallasnews.com/news/dallas/2017/04/08/emergency-sirens-blare-across-dallas-county-despite-clear-weather

Symantec研究人员将40个网络攻击联系到由维基解密所暴露的CIA黑客工具

http://thehackernews.com/2017/04/cia-longhorn-hacking.html

技术类:


CVE-2017-3881:思科Catalyst 交换机RCE

https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/

https://github.com/artkond/cisco-rce/

Facebook 的一个有趣的CSRF

http://blog.intothesymmetry.com/2017/04/csrf-in-facebookdropbox-mallory-added.html

使用Windows 10安全功能来缓解威胁

https://technet.microsoft.com/en-us/itpro/windows/keep-secure/overview-of-threat-mitigations-in-windows-10

关于Windows Uniscribe Fuzzing

https://googleprojectzero.blogspot.tw/2017/04/notes-on-windows-uniscribe-fuzzing.html

ASIS CTF Video Review

https://www.youtube.com/watch?v=c1dU7DR2BKQ

远程调试kext

https://rednaga.io/2017/04/09/remote_kext_debugging/

使用System.EnterpriseServices.RegistrationHelper扩展JScript

http://subt0x10.blogspot.nl/2017/04/extending-jscript-with.html

OSX/iOS逆向资源合集

https://github.com/michalmalik/osx-re-101

通过逆向工程获取 Android软件的token

https://regmedia.co.uk/2016/09/02/hacking_soft_tokens_-_bernhard_mueller.pdf

owasp移动安全测试指南

https://b-mueller.gitbooks.io/owasp-mobile-security-testing-guide/content/

利用IPv6绕过IDS检测

https://ccdcoe.org/sites/default/files/multimedia/pdf/ip6eva_0.pdf

使用Android ART进行反调试

http://www.vantagepoint.sg/blog/88-anti-debugging-fun-with-android-art 

http://www.vantagepoint.sg/blog/89-more-android-anti-debugging-fun

2周内一步步发掘ICS设备的不安全问题

http://blog.talosintelligence.com/2017/04/moxa-box.html

MS16-135 exp

https://github.com/FuzzySecurity/PSKernel-Primitives/tree/master/Sample-Exploits/MS16-135

CAA 检查对于ssl/tls 证书必要的

https://ma.ttias.be/caa-checking-becomes-mandatory-ssltls-certificates/

nosql 注入环境

https://digi.ninja/projects/nosqli_lab.php

实战栈溢出:三个漏洞搞定一台路由器

https://zhuanlan.zhihu.com/p/26271959

开源跳板机(堡垒机)jumpserver:认证,授权,审计,自动化运维

https://github.com/jumpserver/jumpserver

ApiScout:Windows API 信息恢复

http://byte-atlas.blogspot.com/2017/04/apiscout.html

(完)