【知识】8月7日 - 每日安全知识热点

360安全客 安全知识 64047 4

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:用于创建后门的Python包、win7粘滞键后门、车联网安全:CAN协议分析、SMBLoris:Windows拒绝服务metasploit模块、Microsoft Windows – LNK Shortcut File Code Execution、ACCESS无select SQL注入、Marcus Hutchins(MalwareTech)被保释,但不能离开美国

国内热词(以下内容部分摘自http://www.solidot.org/ ):

WannaCry 勒索到的比特币被兑换成门罗币

东亚国家的 HTTPS 普及度较低

资讯类:

Marcus Hutchins(MalwareTech)被保释,但不能离开美国

http://thehackernews.com/2017/08/malwaretech-marcus-hutchins.html 

MISP 2.4.78发布了一个重要的安全修复程序,用于共享组,多个bug修复和新的API功能

https://www.misp-project.org/2017/08/06/MISP.2.4.78.released.html 

技术类:

用于创建后门的Python包

https://0x00sec.org/t/a-python-package-for-creating-backdoors/3170 

ANGRYPUPPY(Cobalt Strike框架的工具)介绍

https://www.mdsec.co.uk/2017/08/introducing-angrypuppy/

win7粘滞键后门

http://3xp10it.cc/web/2017/08/03/win7%E7%B2%98%E6%BB%9E%E9%94%AE%E5%90%8E%E9%97%A8/ 

使用Hover改善Android用户输入的保密性

https://www.ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/system-security-group-dam/research/publications/pub2017/WiSec17_ulqinaku.pdf 

Microsoft图标显示错误允许攻击者使用特殊图标伪装PE文件

https://www.cybereason.com/labs-a-zebra-in-sheeps-clothing-how-a-microsoft-icon-display-bug-in-windows-allows-attackers-to-masquerade-pe-files-with-special-icons/ 

将XSS转化为RCE

https://blog.doyensec.com/2017/08/03/electron-framework-security.html 

Keybase浏览器扩展安全问题解析

https://www.grepular.com/Keybase_Browser_Extension_Insecure 

车联网安全:CAN协议分析

https://www.hackers-arise.com/single-post/2017/08/04/Automobile-Hacking-Part-1-The-CAN-Protocol 

setattrlist()iOS内核漏洞分析

https://www.antid0te.com/blog.html 

胖客户端测试Java反序列化导致RCE

http://blog.securelayer7.net/thick-client-penetration-testing-3javadeserialization-exploit-rce/ 

DEF CON 2017回顾

http://dttw.tech/posts/rJHDh3RLb 

radare2(gdb-peda的替代品)介绍

https://monosource.github.io/2016/10/radare2-peda 

SSRF Tips 

http://blog.safebuff.com/2016/07/03/SSRF-Tips/ 

一个针对渗透测试工程师、安全研究员的学习资源收集汇总

https://github.com/Hack-with-Github/Awesome-Hacking/blob/master/README.md 

如何自制Boot Loader

https://www.codeproject.com/Articles/36907/How-to-develop-your-own-Boot-Loader 

Reverse-engineering of the cryptanalytic attack used in the Flame super-malware 

https://eprint.iacr.org/2016/298.pdf 

ACCESS无select SQL注入

https://forum.90sec.org/forum.php?mod=viewthread&tid=10663 

自动逆向工程恶意软件仿真器

http://www.ict-forward.eu/media/workshop2/presentations/lee-re-malware-emulators.pdf 

SMBLoris:Windows拒绝服务metasploit模块

https://github.com/rapid7/metasploit-framework/pull/8796 

Microsoft Windows – LNK Shortcut File Code Execution

https://www.exploit-db.com/exploits/42429/ 

PhEmail:基于Python的开源邮件钓鱼工具

https://github.com/Dionach/PhEmail 

(完)