【知识】11月7日 - 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:数字签名恶意软件的崛起、WWE名人的Whatsapp屏幕截图和图片等信息泄露、GIBON勒索软件出现、绕过安卓网络安全配置、CVE-2017-8715分析、探索影响Android的6个内核漏洞、2017 Q3 DDoS

 

 

 

 

资讯类:

 

 

 

 

 

 

 

数字签名恶意软件的崛起

https://thehackernews.com/2017/11/malware-digital-certificate.html

 

WWE名人的Whatsapp屏幕截图和图片等信息泄露

http://securityaffairs.co/wordpress/65223/hacking/diva-paige-data-leak.html

 

GIBON勒索软件出现

http://securityaffairs.co/wordpress/65214/malware/gibon-ransomware.html

 

KRACKDetector——KRACK检测工具发布

http://securityaffairs.co/wordpress/65229/hacking/krack-detector.html

 

Amazon S3 Bucket配置错误将导致中间人攻击

https://www.bleepingcomputer.com/news/security/misconfigured-amazon-s3-buckets-expose-users-companies-to-stealthy-mitm-attacks/

 

 

 

技术类:

 

 

 

 

 

 

 

 

渗透测试Cheat Sheet

https://techincidents.com/penetration-testing-cheat-sheet/

 

Ethernuat CTF Writeup

https://medium.com/positive-ico/the-ethernaut-ctf-writeup-dc3021824abc

 

深入Shade:勒索软件分析

https://secrary.com/ReversingMalware/UnpackingShade/

 

重构ROCA

https://blog.cr.yp.to/20171105-infineon.html

 

恶意子域名接管工具Subjack

https://github.com/haccer/subjack

 

绕过安卓网络安全配置

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/bypassing-androids-network-security-configuration/

 

Path Pivot攻击

https://gdelugre.github.io/2017/11/06/samba-path-pivot-attack/

 

CVE-2017-8715分析

https://posts.specterops.io/a-look-at-cve-2017-8715-bypassing-cve-2017-0218-using-powershell-module-manifests-1f811aea858c

 

恶意PowerShell与AMSI

https://github.com/cobbr/slides/blob/master/BSides/DFW/PSAmsi%20-%20Offensive%20PowerShell%20Interaction%20with%20the%20AMSI.pdf

 

 

探索影响Android的6个内核漏洞

 

https://pleasestopnamingvulnerabilities.com/

 

NTFS的百科全书

http://www.kes.talktalk.net/ntfs/

 

二进制中的奥妙:文件结构

https://www.slideshare.net/AngelBoy1/play-with-file-structure-yet-another-binary-exploit-technique

 

Oceanlotus Blossoms:针对东盟、亚洲、媒体等目标的攻击

https://www.volexity.com/blog/2017/11/06/oceanlotus-blossoms-mass-digital-surveillance-and-exploitation-of-asean-nations-the-media-human-rights-and-civil-society/

 

绕过现代的进程检测机制

http://riscy.business/2017/11/bypassing-modern-process-hollowing-detection/

 

接管Instagram账户

https://stefanovettorazzi.com/taking_over_instagram_accounts/

 

AppLocker绕过列表

https://github.com/api0cradle/UltimateAppLockerByPassList/blob/master/README.md

 

2017 Q3 DDoS

https://securelist.com/ddos-attacks-in-q3-2017/83041/

(完)