3月14日-每日安全知识热点

1.Imgur的SSRF漏洞

https://hackerone.com/reports/115748

2.Flask/Jinja2的服务端模板注入漏洞第二部分 

https://nvisium.com/blog/2016/03/11/exploring-ssti-in-flask-jinja2-part-ii/

3.POWERSNIFF恶意软件使用基于宏的攻击 

http://researchcenter.paloaltonetworks.com/2016/03/powersniff-malware-used-in-macro-based-attacks/

4.在windows shell中使用crypto API 

https://odzhan.wordpress.com/2016/03/12/windows-shells-part4/

5.恶意欺诈软件Criakl的活动时间表 

http://phishme.com/ransomware-rising-criakl-osx-others/

6.cryptostalker:简单的工具帮助在LINUX上检测加密恶意欺诈软件 

https://github.com/unixist/randumb#cryptostalker-example

7.DET：数据提取工具包，主要用在渗透过程中通过ICMP，DNS,HTTP等技术读取目标文件 

https://github.com/sensepost/det

8.VBad：结合OFFICE文档的VBA混淆工具生成器（加密和混淆你的VBA代码） 

https://github.com/Pepitoh/VBad

9.如何解析WINDOWS事件日志 

http://dfir-blog.com/2016/03/13/how-to-parse-windows-eventlog/

10.盘古ios9.0 -9.1越狱 

http://en.pangu.io/

11.sans sec760课程：windows 内核利用介绍 

http://www.bluenotch.com/resources/SANS_Orlando_Kernel_Exploits_Sims.pdf

12.JSRat-Py：JSRat.ps1的python实现。服务端不仅仅限制于windows的powershell了 

https://github.com/Hood3dRob1n/JSRat-Py

13.深入分析Locky恶意欺诈软件 

https://blog.avast.com/a-closer-look-at-the-locky-ransomware

14.随着恶意勒索软件对各个行业的渗透，nccgroup发布一个白皮书帮助企业如何能最大限度的减少初次感染的可能性 

https://www.nccgroup.trust/uk/our-research/ransomware-what-organisations-can-do-to-survive/

15.Cyphercon 2016 安全会议视频 

http://www.irongeek.com/i.php?page=videos%2Fcyphercon2016%2Fmainlist

16.wordpress配置错误导致xda开发者站点（ http://XDA-Developers.com  ）被重新安装 

http://seclists.org/fulldisclosure/2016/Mar/37

17.Mozilla Firefox nsHTMLDocument SetBody UAF远程代码执行漏洞 

http://www.zerodayinitiative.com/advisories/ZDI-16-199/

18.通过email附件分发的LOCKY恶意欺诈软件 

https://blogs.mcafee.com/mcafee-labs/locky-ransomware-arrives-via-email-attachment/

19.通过机器学习和分析检测内部违规人员 

http://blog.imperva.com/2016/03/how-to-detect-insiders-with-machine-learning-and.html

20.你的数据中心能够阻止无人机侦察，受到保护？ 

http://www.thegeekpub.com/4421/data-center-protected-drones/

21.wooyun dorps英文文章：LUA脚本虚拟机逃逸技术分析，中文在http://drops.wooyun.org/tips/12677 

http://en.wooyun.io/2016/02/29/44.html

22.使用bash实现的TOTP（基于时间的一次性密码算法） 

https://github.com/64b2b6d12b/otpknock

23.ELF: dynamic struggles 

https://michalmalik.github.io/elf-dynamic-segment-struggles

24.powershell实现的runas 

https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/Invoke-Runas.ps1

25.0CTF 2016 web第四关卡Monkey的Write Up: 

https://w00tsec.blogspot.tw/2016/03/0ctf-2016-write-up-monkey-web-4.html

26.如何在PS4上设置和启动linux 

http://cturt.github.io/ps4-3.html#linux

27.一些gnome应用程序使用不安全的连接和有漏洞的WebKit 

https://blogs.gnome.org/mcatanzaro/2016/03/12/do-you-trust-this-application/

28.android BnBluetoothGattServer和BnBluetoothGatServerCallback IPC中的栈内存损坏 

https://code.google.com/p/google-security-research/issues/detail?id=712

29.开源的3GPP LTE库 

https://github.com/srsLTE/srsLTE

30.使用非空开（undocumented) windbg命令反向工程crash的dump格式 

http://sww-it.ru/2016-03-13/1320

31.linux inside系列更新：Linux内核的时钟和时间管理 

https://github.com/0xAX/linux-insides/blob/master/Timers/timers-5.m

本文由 360安全播报 原创发布，如需转载请注明来源及本文地址。
本文地址：http://bobao.360.cn/news/detail/2831.html