December 10 Security Highlights - HP Keylogger / India Removes Chinese Apps

 

News

Pre-installed keylogger found on more than 460 HP laptops
https://thehackernews.com/2017/12/hp-laptop-keylogger.html

 

India wants Chinese apps deleted from phones

https://www.bleepingcomputer.com/news/government/india-tells-troops-to-delete-chinese-apps-from-phones-amidst-tracking-fears/

 

Orcus RAT author begins targeting Bitcoin investors

http://securityaffairs.co/wordpress/66526/malware/orcus-rat-target-bitcoin.html

 

Linux.ProxyM IoT botnet begins attacking websites

http://securityaffairs.co/wordpress/66537/malware/linux-proxym-iot-botnet.html

 

Technical

Analysis of the HP keylogger

https://zwclose.github.io/HP-keylogger/

 

Meterpreter DNS tunneling technique

https://asintsov.blogspot.com/2017/12/data-exfiltration-in-metasploit.html

 

Cheat sheets for common protocols

http://packetlife.net/library/cheat-sheets/

 

Introduction to fully automated adversary emulation

https://www.blackhat.com/docs/eu-17/materials/eu-17-Miller-CALDERA-Automating-Adversary-Emulation.pdf

 

Common uses of OSINT techniques

https://medium.com/@SecEvangelism/happy-osint-hacking-fun-with-the-panama-papers-law-firm-mossack-fonseca-post-breach-89698c39f256

 

Pop Nedry Payload

https://github.com/zznop/pop-nedry

 

The CheckRemoteDebuggerPresent() anti-debugging technique

https://xorl.wordpress.com/2017/12/09/the-checkremotedebuggerpresent-anti-debugging-technique/

 

SQL penetration testing tips

https://pen-testing.sans.org/blog/2017/12/09/your-pokemon-guide-for-essential-sql-pen-test-commands/

 

OSCE/CTP preparation guide

https://tulpa-security.com/2017/07/18/288/

 

Detection and recovery of NSA's tracks

https://blog.fox-it.com/2017/12/08/detection-and-recovery-of-nsas-covered-up-tracks/

 

Lost in Transaction: Process Doppelganging

https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf

(End)