[Knowledge] March 23 - Daily Security Knowledge Highlights


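Highlights summary: DoubleAgent technique: zero-day code injection and persistence; a simple bypass for PowerShell Constrained Language Mode; obfuscating URLs with Punycode and homoglyphs; iOS Security Guide; Python Pickle arbitrary code execution vulnerability in practice and payload construction; the risks of JIT compilation: part 2; 0ctf2017 Kernel Pwnable – note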


Domestic hot topics (the following is partly excerpted from http://www.solidot.org/):


Chinese companies dominate Pwn2Own 2017

Google announces the Android O developer preview

Apple: the red iPhone 7 makes no mention of AIDS in China

News:


Hackers claim to control at least 200 million iCloud accounts and will wipe the devices unless a ransom is paid

http://www.news.com.au/technology/online/hacking/hackers-threaten-to-wipe-200-million-icloud-accounts-unless-apple-pays-ransom/news-story/efc53517cce9f030a14cb38b4bf34cf8

Technical:


DoubleAgent technique: zero-day code injection and persistence

https://cybellum.com/doubleagentzero-day-code-injection-and-persistence-technique/

The Winnti group uses GitHub for C&C communication

http://blog.trendmicro.com/trendlabs-security-intelligence/winnti-abuses-github/

SAVE: social engineering

http://www.fak.dk/publikationer/Documents/Project%20SAVE.pdf

A simple bypass for PowerShell Constrained Language Mode

https://pentestn00b.wordpress.com/2017/03/20/simple-bypass-for-powershell-constrained-language-mode/

inVtero.net: an open-source tool for memory scanning forensics, Gargoyle memory

https://github.com/ShaneK2/inVtero.net

Obfuscating URLs with Punycode and homoglyphs

http://www.irongeek.com/i.php?page=security/out-of-character-use-of-punycode-and-homoglyph-attacks-to-obfuscate-urls-for-phishing

[Algorithm series] Learning some algorithms for security work: SVM

https://mp.weixin.qq.com/s?__biz=MzIwOTc0MDU3NA==&mid=2247483856&idx=1&sn=99e6626f4c86702594de374db499f388&chksm=976e77a1a019feb7f97f3966bbba07bd561fb4f4069b5ed386ac134906e9a86ca28ec03c843f&mpshare=1&scene=1&srcid=0322jI3bd1v4yEq8xPfKFwSA&key=60fe7ed

Sucuri joins GoDaddy

https://blog.sucuri.net/2017/03/godaddy-sucuri-building-a-security-platform-for-every-website-owner.html

Python Pickle arbitrary code execution vulnerability: practice and payload construction

http://www.polaris-lab.com/index.php/archives/178/

iOS Security Guide

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

Penetration testing Node.js applications

https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458282293&idx=1&sn=8f6953d2629eedc2ebefe8f119528890&scene=0#wechat_redirect

FAME: an automated malware evaluation and analysis tool

https://github.com/certsocietegenerale/fame

0ctf2017 Kernel Pwnable – note

https://github.com/lovelydream/0ctf2017_kernel_pwn

How to obtain indicators from privacy-protected attack infrastructure and ultimately find the data

https://blog.domaintools.com/2017/03/hunt-case-study-hunting-campaign-indicators-on-privacy-protected-attack-infrastructure/

Kaitai Struct v0.7 released

http://kaitai.io/news/2017-03-22.html

The risks of JIT compilation: part 2

http://eli.thegreenplace.net/2017/adventures-in-jit-compilation-part-2-an-x64-jit/

(End)