安全路透社
当前位置:安全路透社 > 安全客 > 正文

【知识】11月12日 – 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:DHS团队成功黑掉波音757、CVE-2017-13089 Wget HTTP整数溢出通过搜索控件预览缓存获取私密推特伪造密码段绕过浏览器安全警告数据线间谍设备子域名渗透测试手册Tor网络的信息收集、Powershell脚本的混淆与反混淆

资讯类:


Web扩展与其安全性浅谈

https://palant.de/2017/11/11/on-web-extensions-shortcomings-and-their-impact-on-add-on-security

勒索软件周报:Cobra,Lockcrypt等

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-10th-2017-ordinypt-and-lockcrypt/

https://www.bleepingcomputer.com/news/security/new-cobra-crysis-ransomware-variant-released/

https://www.bleepingcomputer.com/news/security/lockcrypt-ransomware-crew-started-via-satan-raas-now-deploying-their-own-strain/

DHS团队成功黑掉波音757

https://www.bleepingcomputer.com/news/security/dhs-team-hacks-a-boeing-757/

技术类:


Powershell之劫持数字签名

https://pentestlab.blog/2017/11/08/hijack-digital-signatures-powershell-script/


CVE-2017-13089 Wget HTTP整数溢出

https://xorl.wordpress.com/2017/11/11/cve-2017-13089-wget-http-integer-overflow/

子域名渗透测试手册

https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6

Tor网络的信息收集

https://vallejo.cc/2017/11/11/using-gathering-information-tools-through-tor-network/

通过搜索控件预览缓存获取私密推特

https://hackerone.com/reports/263760

谷歌验证码破解实例

http://rickyhan.com/jekyll/update/2017/11/10/bypassing-recaptcha.html

Radiocarbon泄漏信息分析工具

https://github.com/Neo23x0/radiocarbon

Chrome List Item Marker RCE漏洞

https://bugs.chromium.org/p/chromium/issues/detail?id=684684

数据线间谍设备

https://ha.cking.ch/s8_data_line_locator/

Powershell脚本的混淆与反混淆

https://pcsxcetrasupport3.wordpress.com/2017/11/11/de-obfuscating-a-powershell-script-obfuscated-by-invoke-obfuscation/

伪造密码段绕过浏览器安全警告

https://www.troyhunt.com/bypassing-browser-security-warnings-with-pseudo-password-fields/


本文地址:http://bobao.360.cn/learning/detail/4689.html

未经允许不得转载:安全路透社 » 【知识】11月12日 – 每日安全知识热点

赞 (0)
分享到:更多 ()

评论 0

评论前必须登录!

登陆 注册