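Highlights: the same RCE vulnerability in multiple Trend Micro products (with vulnerability analysis and PoC); man-in-the-middle attacks explained in detail; hiding a process from Sysinternals (malware can be run this way without the process showing up in Procexp.exe); using binary diffing to discover Windows kernel memory disclosure vulnerabilities; how to bypass Intel Boot Guard; XSLT server-side injection attacks
Trending topics in China (part of the following content comes from: http://www.solidot.org/ )
Programmers on Stack Overflow provided Java developers with answers that carry security risks
The White House chief of staff's phone may have been compromised long ago
China's digital currency trading moves underground
Technical:
The same RCE vulnerability in multiple Trend Micro products (with vulnerability analysis and PoC)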
https://pentest.blog/one-ring-to-rule-them-all-same-rce-on-multiple-trend-micro-products/
Testing Security Keys
https://www.imperialviolet.org/2017/10/08/securitykeytest.html
Wi-Fi packet sniffing/monitoring on Windows using a Raspberry Pi (idea inspired by Wimonitor)
https://zone13.io/post/wifi-monitoring-using-raspberry-pi/
Man-in-the-middle attacks explained in detail
http://www.kalitut.com/2017/10/man-in-middle-attacks.html
Hiding a process from Sysinternals (malware can be run this way without the process showing up in Procexp.exe)
https://riscybusiness.wordpress.com/2017/10/07/hiding-your-process-from-sysinternals/
Capture Screen + Network = ReproNow
https://medium.com/@vinayendra/capture-screen-network-repronow-b44dd52307fd
Using binary diffing to discover Windows kernel memory disclosure vulnerabilities
https://googleprojectzero.blogspot.com/2017/10/using-binary-diffing-to-discover.html
When Security Features Collide
http://blog.portswigger.net/2017/10/when-security-features-collide.html
How to bypass Intel Boot Guard
https://embedi.com/blog/bypassing-intel-boot-guard
Flusihoc: analysis of a DDoS botnet possibly originating from China
https://www.arbornetworks.com/blog/asert/the-flusihoc-dynasty-a-long-standing-ddos-botnet/
Hunting With Active Directory Replication Metadata
https://posts.specterops.io/hunting-with-active-directory-replication-metadata-1dab2f681b19
Protecting the software supply chain: an in-depth analysis of the CCleaner backdoor incident
https://www.crowdstrike.com/blog/protecting-software-supply-chain-deep-insights-ccleaner-backdoor/
VMware Escapology – How to Houdini the Hypervisor
https://www.zerodayinitiative.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor
XSLT server-side injection attacks
https://www.contextis.com/blog/xslt-server-side-injection-attacks
An introduction to common code review methods
https://pentesterlab.com/exercises/codereview/course