资讯类
Talos团队发布的本周威胁汇总
http://blog.talosintelligence.com/2018/01/threat-round-up-0105-0512.html
667个Apple钓鱼网站(JSON格式)
技术类
推特网友@raphael_scarv 称他能够利用meltdown漏洞有效地从其他进程读取非缓存的数据。但他表示不会公布细节。
https://twitter.com/raphael_scarv/status/952078140028964864
OpenSSL SSL Handshake Error State Security Bypass (CVE-2017-3737)漏洞的分析
https://blog.fortinet.com/2018/01/12/an-analysis-of-the-openssl-ssl-handshake-error-state-security-bypass-cve-2017-3737
DVAR – Damn Vulnerable ARM Router
DVAR是一个模拟的基于Linux的ARM路由器,运行着易受攻击的Web服务器
下载:http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html
可与 https://azeria-labs.com/ 教程配套学习
对PowerStager的分析
https://researchcenter.paloaltonetworks.com/2018/01/unit42-powerstager-analysis/
关于PowerStager的介绍
https://github.com/z0noxz/powerstager
DNSFS:真正的云存储! 将您的文件存储在其他人的DNS缓存中!
https://blog.benjojo.co.uk/post/dns-filesystem-true-cloud-storage-dnsfs
从32位的loader使用RunPE注入到64位进程中的挖矿工具分析
https://secrary.com/ReversingMalware/CoinMiner/
样本:https://www.virustotal.com/en/file/98199294da32f418964fde49d623aadb795d783640b208b9dd9ad08dcac55fd5/analysis/
Windows内核利用教程Part 3:任意内存覆盖(Write-What-Where)
https://www.exploit-db.com/docs/english/43527-windows-kernel-exploitation-tutorial-part-3-arbitrary-memory-overwrite-(write-what-where).pdf
iOS 11.0 – 11.1.2基于async_awake的越狱工具包
https://github.com/coolstar/electra
利用Weblogic漏洞(CVE-2017-10271)挖矿行动相关脚本
https://pastebin.com/ctisSMcY
https://pastebin.com/nTnujW8b
Mobile App Flaws of SCADA ICS Systems Could Allow Hackers To Target Critical Infrastructe
http://securityaffairs.co/wordpress/67701/iot/scada-mobile-security.html
http://blog.ioactive.com/2018/01/scada-and-mobile-security-in-iot-era.html
对”Finnish themed” Twitter僵尸网络的进一步分析
https://labsblog.f-secure.com/2018/01/12/further-analysis-of-the-finnish-themed-twitter-botnet/
之前的分析:
https://labsblog.f-secure.com/2018/01/11/someone-is-building-a-finnish-themed-twitter-botnet/
phpCollab 2.5.1未授权文件上传漏洞
https://cxsecurity.com/issue/WLB-2018010117
评论