HanDs
管理员

7月07日-每日安全知识热点 





学习中请遵循国家相关法律法规,黑客不作恶。没有网络安全就没有国家安全

本站需要登陆后才能查看

http://p0.qhimg.com/t01f7ef32da341925d2.jpg

技术类:

IBM BlueMix Cloud - (API) 存储型XSS漏洞

http://seclists.org/fulldisclosure/2016/Jul/3


子域名暴力破解工具Sublist3r更新

https://github.com/aboul3la/Sublist3r


Ayaabu是一个有趣的开源脚本,用来欺骗恶意软件以为计算机安装了多个杀软

https://github.com/mynameisv/Ayaabu


Cerber恶意欺诈软件的恶意pcap包

http://www.malware-traffic-analysis.net/2016/07/05/index.html


Cuckoo的沙箱驱动,可以在执行恶意文件的时候实现内核分析

https://github.com/angelkillah/zer0m0n


扫描和利用不安全的树莓派的脚本

https://github.com/Fysac/lhf


nccgroup发布了一个欺诈勒索软件模拟软件

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/july/ransomware-how-vulnerable-is-your-system/


US-CERT警告Symantec和Norton的几款安全产品包含严重的漏洞

https://www.us-cert.gov/ncas/alerts/TA16-187A


通过ubuntu bash来安装windows 10

http://www.howtogeek.com/261188/how-to-uninstall-or-reinstall-windows-10s-ubuntu-bash-shell/


使用chip-8中断写一个模拟器

http://www.multigesture.net/articles/how-to-write-an-emulator-chip-8-interpreter/


RansomNoteCleaner 移除欺诈软件留下的垃圾信息的工具

http://news.softpedia.com/news/ransomnotecleaner-removes-ransomware-junk-from-your-pc-505978.shtml


cookie shadow 路径注入

https://c0nradsc0rner.wordpress.com/2016/07/06/cookie-shadow-path-injection/


集成到powershell Empire的MS16-032漏洞

https://warroom.securestate.com/leveraging-ms16-032-powershell-empire/


c++ x86的代码混淆库

https://breakdev.org/obfusion-c-x86-code-obfuscation-library/


新的osx/keydnap恶意软件偷取用户账户信息,另一篇报道在http://news.softpedia.com/news/keydnap-mac-malware-steals-keychain-passwords-open-backdoor-on-infected-systems-506053.shtml

http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/


新的mac后门:Eleanor,可以偷数据,执行代码,控制摄像头,另一篇分析http://9to5mac.com/2016/07/06/backdoor-mac-elanor-mac-malware/

https://blog.malwarebytes.com/cybercrime/2016/07/new-mac-backdoor-malware-eleanor/


介绍lamma框架

http://smxlabz.blogspot.in/2016/07/introduction-to-lamma.html


今日针对日本的BEBLOH银行木马行动有所增加

http://blog.trendmicro.com/trendlabs-security-intelligence/bebloh-expands-japan-latest-spam-attack/


CryptXXX 欺诈勒索软件更新

https://isc.sans.edu/diary/21229


RunKeeper存储型XSS

https://www.seekurity.com/blog/general/runkeeper-stores-xss-vulnerability/


资讯类:

超过6000台redis数据库被恶意程序接管

http://news.softpedia.com/news/over-6-000-redis-database-servers-ready-for-the-taking-506056.shtml


wikileak发布1200份在伊拉克战争中的克林顿邮件

http://www.commondreams.org/news/2016/07/05/wikileaks-releases-over-1200-clinton-emails-iraq-war


曾访问克林顿电子邮箱的罗马尼亚黑客Guccifer被发现死于牢房中

http://christiantimesnewspaper.com/breaking-romanian-hacker-with-access-to-clinton-emails-found-dead-in-jail-cell/


OSX.Pirrit恶意广告背后的以色列广告公司

http://news.softpedia.com/news/israeli-advertising-company-behind-osx-pirrit-mac-adware-506020.shtml


学习中请遵守法律法规,本网站内容均来自于互联网,本网站不负担法律责任
7 07 - 每日安全知识热点
#1楼
发帖时间:2016-7-9   |   查看数:0   |   回复数:0
游客组
快速回复