安全路透社
当前位置:安全路透社 > 安全客 > 正文

【知识】11月11日 – 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:朝鲜广播站被黑,黑客播放The Final CountdownOrdinypt勒索软件出现,只针对德国用户CVE-2017-7219详细分析在合法进程中隐藏代码Websockets与IE/Edge实现C2通信从零起步——Malwarebytes反编译教程IKEv1与CVE-2016-1287

资讯类:


研究人员可通过IDS签名绕过IDS

http://www.securityweek.com/researcher-bypasses-ids-using-ids-signatures

朝鲜广播站被黑,黑客播放The Final Countdown

https://www.theepochtimes.com/hacker-hijacks-north-korean-radio-station-plays-the-final-countdown_2354373.html

Ordinypt勒索软件出现,只针对德国用户

http://securityaffairs.co/wordpress/65371/malware/ordinypt-wiper.html

技术类:


CVE-2017-7219详细分析

https://blog.scrt.ch/2017/04/26/heap-overflow-vulnerability-in-citrix-netscaler-gateway-cve-2017-7219/


Websockets与IE/Edge实现C2通信

https://arno0x0x.wordpress.com/2017/11/10/using-websockets-and-ie-edge-for-c2-communications/

在合法进程中隐藏代码

https://www.adlice.com/runpe-hide-code-behind-legit-process/

汇编Cheatsheet

https://azeria-labs.com/assembly-basics-cheatsheet/

绕过杀软的提权

https://bogner.sh/2017/11/avgater-getting-local-admin-by-abusing-the-anti-virus-quarantine/

Linux Process Hunter

https://gitlab.com/nowayout/prochunter

从零起步——Malwarebytes反编译教程

https://blog.malwarebytes.com/malwarebytes-news/2017/11/how-to-solve-the-malwarebytes-crackme-a-step-by-step-tutorial/

IKEv1与CVE-2016-1287

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/cisco-asa-series-part-eight-exploiting-the-cve-2016-1287-heap-overflow-over-ikev1/

Linux下的TCP Bind Shellcode

https://pentesterslife.blog/2017/11/01/x86_64-tcp-bind-shellcode-with-basic-authentication-on-linux-systems/

Smart Massager的逆向与利用

https://medium.com/@arunmag/how-i-reverse-engineered-and-exploited-a-smart-massager-ee7c9f21bf33

Hashes.org函数介绍

https://s3inlc.wordpress.com/2017/11/10/algorithms-on-hashes-org/

Eavesdropper:移动端数据泄漏漏洞

https://www.appthority.com/mobile-threat-center/blog/eavesdropper-mobile-vulnerability-exposing-millions-conversations/

移动端DDoS产业

https://krebsonsecurity.com/2017/11/ddos-for-hire-service-launches-mobile-app/


本文地址:http://bobao.360.cn/learning/detail/4688.html

未经允许不得转载:安全路透社 » 【知识】11月11日 – 每日安全知识热点

赞 (0)
分享到:更多 ()

评论 0

评论前必须登录!

登陆 注册