1月29日安全热点 - 微软发布更新禁用 Spectre 缓解措施

资讯类

微软发布 Windows 紧急带外更新禁用 Spectre 缓解措施

https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-out-of-band-update-that-disables-spectre-mitigations/

 

黑客盗取价值超过15万美元的Ethereum

https://www.bleepingcomputer.com/news/security/hacker-steals-over-150-000-worth-of-ethereum-from-experty-ico-participants/

 

phpBB论坛软件的两个下载包的URL被泄露

Download URLs for two packages of the phpBB forum software were compromised

技术类

重要更新:Web Blocking / RAM Usage

https://blog.malwarebytes.com/malwarebytes-news/2018/01/important-web-blocking-ram-usage/

 

2018年Cloudflare的SEO表现

https://blog.cloudflare.com/seo-performance-in-2018-using-cloudflare/

 

如何读取Mac进程的内存映射

https://jvns.ca/blog/2018/01/26/mac-memory-maps

 

逆向工程和利用三星TrustZone系列——第一部分

https://medium.com/taszksec/unbox-your-phone-part-i-331bbf44c30c

 

如何在互联网的世界里正确保护你的信息

https://securingtomorrow.mcafee.com/consumer/family-safety/treat-familys-personal-data-like-gold-hyper-connected-world/

 

如何利用Lynx,正则表达式和Bash

https://0x00sec.org/t/simplified-scraping-with-lynx-regex-and-bash/5149

 

HTB Calamity write-up

https://0x00sec.org/t/htb-calamity-write-up-ret2mprotect-bypass-nx-info-leak/5139

 

这是一个渗透测试吗?

https://isc.sans.edu/diary/rss/23283

 

如何做好首席安全官 – 企业安全体系与架构实现

https://www.sec-un.org/%E5%A6%82%E4%BD%95%E5%81%9A%E5%A5%BD%E9%A6%96%E5%B8%AD%E5%AE%89%E5%85%A8%E5%AE%98-%E4%BC%81%E4%B8%9A%E5%AE%89%E5%85%A8%E4%BD%93%E7%B3%BB%E4%B8%8E%E6%9E%B6%E6%9E%84%E5%AE%9E%E7%8E%B0/

 

当物联网遇上区块链

https://hackernoon.com/when-iot-meets-blockchain-%EF%B8%8F-892fecdaf00c

 

了解蓝牙安全

https://duo.com/blog/understanding-bluetooth-security

 

MISP 2.4.87发布

https://www.misp-project.org/2018/01/28/MISP.2.4.87.html

 

Ivy——静态网站生成工具

http://mulholland.xyz/docs/ivy/

 

MacOS sysctl_vfs_generic_conf堆栈溢出漏洞

https://packetstormsecurity.com/files/146140/GS20180128173234.txt

(完)