热点概要:Linux的USB驱动存在安全隐患、震惊!一名用户意外触发Bug导致3亿美元以太坊货币被冻结、最近大火的Coinhive到底是什么、Google Play版权与安全政策解析、微软关于LAN Manager与NTLMv1的警告、DCOM与DDE的奇妙结合、二进制代码的模糊测试。
资讯类:
Linux的USB驱动存在安全隐患
https://www.bleepingcomputer.com/news/security/linux-has-a-usb-driver-security-problem/
像素颜色数据传输新方式
https://www.pentestpartners.com/security-blog/exfiltration-by-encoding-data-in-pixel-colour-values/
浏览器挖矿状况日益糟糕
震惊!一名用户意外触发Bug导致3亿美元以太坊货币被冻结
https://thehackernews.com/2017/11/parity-ethereum-wallet.html
http://securityaffairs.co/wordpress/65303/digital-id/ethereum-parity-wallet-flaw.html
技术类:
欺骗黑客的黑客——IP扫描器内置后门
https://www.bleepingcomputer.com/news/security/hacker-wannabes-fooled-by-backdoored-ip-scanner/
微软关于LAN Manager与NTLMv1的警告
https://blogs.technet.microsoft.com/miriamxyra/2017/11/07/stop-using-lan-manager-and-ntlmv1/
URL与安全
https://noncombatant.org/2017/11/07/problems-of-urls/
信息安全Cheat Sheets
https://www.cybrary.it/0p3n/infosec-cheat-sheets/
新近出现的提权框架
https://github.com/spencerdodd/kernelpop
安卓挖矿浅谈
https://www.ixiacom.com/company/blog/everythings-better-blockchain
IoT与ARM逆向 第三部分
https://quequero.org/2017/11/arm-exploitation-iot-episode-3/
Windows利用开发四:SEH覆写
http://www.shogunlab.com/blog/2017/11/06/zdzg-windows-exploit-4.html
最近大火的Coinhive到底是什么
DCOM与DDE的奇妙结合
https://www.cybereason.com/blog/leveraging-excel-dde-for-lateral-movement-via-dcom
SIEM系统通用签名工具
https://github.com/Neo23x0/sigma
二进制代码的模糊测试
https://medium.com/@njvoss299/afl-unicorn-fuzzing-arbitrary-binary-code-563ca28936bf
Shopware中的XXE
https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/
Google Play版权与安全政策解析
http://blog.fortinet.com/2017/11/08/the-strange-case-of-play-policy-for-copyright-and-security