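Highlights: rubygems.org remote code execution vulnerability; OnePlus's OxygenOS accused of collecting user information; North Korea and Iran use CodeProject to develop malware; multiple heap buffer overflow vulnerabilities in the Windows DNS client; Acunetix security hardening guide; sqliv: a bulk SQL injection vulnerability scanner; CVE-2017-11826: new Office 0day reported exploited in the wild
Domestic hot topics (some of the following content comes from: http://www.solidot.org/ )
OnePlus's OxygenOS tracks all user activity
News:
Small but powerful ATMii can make ATMs running Win 7 and Vista dispense cash
Technical:
rubygems.org remote code execution vulnerability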
https://justi.cz/security/2017/10/07/rubygems-org-rce.html
OnePlus's OxygenOS accused of collecting user information
https://www.chrisdcmoore.co.uk/post/oneplus-analytics/
North Korea and Iran use CodeProject to develop malware
http://www.intezer.com/north-korea-iran-use-codeproject-develop-malware/
Threat hunting with Sysmon: detecting macro-enabled Word documents
http://syspanda.com/index.php/2017/10/10/threat-hunting-sysmon-word-document-macro/
iOS privacy: steal.password – easily obtain a user's Apple ID password, simply through phishing
Front-running Bancor in 150 lines of Python with Ethereum API
https://hackernoon.com/front-running-bancor-in-150-lines-of-python-with-ethereum-api-d5e2bfd0d798
Tracking a stolen code signing certificate with osquery
https://blog.trailofbits.com/2017/10/10/tracking-a-stolen-code-signing-certificate-with-osquery/
Multiple heap buffer overflow vulnerabilities in the Windows DNS client
Fake Crypto: Microsoft Outlook S/MIME Cleartext Disclosure (CVE-2017-11776)
A tale of social engineering attacks and WhatsApp
https://robertheaton.com/2016/10/22/a-tale-of-love-betrayal-social-engineering-and-whatsapp/
Acunetix security hardening guide
https://www.acunetix.com/blog/docs/acunetix-security-hardening-guide/
Microsoft Office Word macro-less command execution vulnerability
https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/
New Office 0day (CVE-2017-11826) Exploited in the Wild
http://360coresec.blogspot.com/2017/10/new-office-0day-cve-2017-11826.html
LTR101: CloudFront domain takeover/hijacking
https://blog.zsec.uk/subdomainhijack/
Metasploit Module for Tomcat JSP Upload via PUT Bypass (CVE-2017-12615)
https://www.peew.pw/blog/2017/10/9/new-vulnerability-same-old-tomcat-cve-2017-12615
poet: a post-exploitation tool
https://n0where.net/poet-simple-post-exploitation/
The Absurdly Underestimated Dangers of CSV Injection
http://georgemauer.net/2017/10/07/csv-injection.html
sqliv: a bulk SQL injection vulnerability scanner
https://github.com/Hadesy2k/sqliv
New NIST and DHS Standards Get Ready to Tackle BGP Hijacks
Pin Visual Coverage Tool for Binary Ninja
http://www.chokepoint.net/2017/10/pin-visual-coverage-tool-for-binary.html
Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security
https://arxiv.org/pdf/1710.03135.pdf
Exploring OpenVMS from “unsecure” NFS mount on linux
https://astr0baby.wordpress.com/2017/10/09/exploring-openvms-from-unsecure-nfs-mount-on-linux/
FrozenCell: Multi-platform surveillance campaign against Palestinians
https://blog.lookout.com/frozencell-mobile-threat
Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.
https://github.com/intezer/docker-ida
Big Data Visual Analytics: Aperture Tiles