技术类:
Yves Younan.发现的pidgin的漏洞汇总
http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html
Linux Kernel ROP – Ropping your way to # (Part 2)
https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP—Ropping-your-way-to—(Part-2)/
高级操作系统课程
http://cgi.di.uoa.gr/~mema/courses/mde518/m122.html
为什么大公司不部署“read team"(指攻击方)?
https://yahoo-security.tumblr.com/post/146318766495/whats-in-a-red-team-and-why-arent-companies
分析从DNC被黑服务器中提取的恶意软件
http://www.threatgeek.com/2016/06/dnc_update.html
设计一个xctf 2016的badge
http://irq5.io/2016/06/22/designing-the-x-ctf-2016-badge/
关于payload Staging的入门介绍
http://blog.cobaltstrike.com/2016/06/22/talk-to-your-children-about-payload-staging/
在audio开发中常见的4种错误
http://atastypixel.com/blog/four-common-mistakes-in-audio-development/
通过配置AsyncOS来提高email服务器的安全性
http://blogs.cisco.com/security/asyncos-10-0-for-cisco-email-security
Nemucod恶意欺诈勒索软件使用javascript和php结合来影响用户
http://news.softpedia.com/news/nemucod-ransomware-uses-javascript-and-php-concoction-to-infect-users-505486.shtml
32bit的 Chrome/Firefox在64bit windows上的高地址堆喷射
http://blog.skylined.nl/20160622001.html
介绍windows PFN数据库
http://rekall-forensic.blogspot.ch/2016/05/rekall-and-windows-pfn-database.html
分析PlugX Builder
http://blog.cybersecurity-airbusds.com/post/2016/06/Getting-a-PlugX-builder
Linux – ecryptfs 和 /proc/$pid/environ 提权poc
https://www.exploit-db.com/exploits/39992/
Necurs, Dridex, 和 Locky恶意欺诈家族的最近动向
http://www.malwaretech.com/2016/06/whats-happening-with-necurs-dridex-and.html
CylancePROTECT® vs. PlugX:JTB数据泄露影响793万日本人
https://blog.cylance.com/cylanceprotect-vs-plugx
‘GODLESS’ 移动恶意软件使用多个exploit来root手机
http://blog.trendmicro.com/trendlabs-security-intelligence/godless-mobile-malware-uses-multiple-exploits-root-devices/
流行的动漫站点Jkanime 被黑,访问者被指向NEUTRINO EK
https://blogs.forcepoint.com/security-labs/highly-popular-anime-site-jkanime-compromised-redirecting-users-neutrino-ek
资讯类:
黑客窃取美国1亿5千400万投票人记录
http://news.softpedia.com/news/hackers-breach-us-company-and-unwittingly-expose-154-million-voter-records-505553.shtml
Carbonite在线备份账号遭受密码重用攻击
http://www.theregister.co.uk/2016/06/22/carbonite_accounts_password_reuse_attack/?utm_source=dlvr.it&utm_medium=twitter
庞大的黑客攻击后,这些首席执行官们均给予加薪
http://www.zdnet.com/article/after-huge-hacks-these-chief-executives-were-given-a-raise/
NUCLEAR, ANGLER EXPLOIT KIT活动消失
https://threatpost.com/nuclear-angler-exploit-kit-activity-has-disappeared/118842/
数据泄露消息:
山东省联通手机/IMEI泄露