6月23日-每日安全知识热点

http://p0.qhimg.com/t01f7ef32da341925d2.jpg

技术类:

Yves Younan.发现的pidgin的漏洞汇总

http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html


Linux Kernel ROP – Ropping your way to # (Part 2)

https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP—Ropping-your-way-to—(Part-2)/


高级操作系统课程

http://cgi.di.uoa.gr/~mema/courses/mde518/m122.html


为什么大公司不部署“read team"(指攻击方)?

https://yahoo-security.tumblr.com/post/146318766495/whats-in-a-red-team-and-why-arent-companies


分析从DNC被黑服务器中提取的恶意软件

http://www.threatgeek.com/2016/06/dnc_update.html


设计一个xctf 2016的badge

http://irq5.io/2016/06/22/designing-the-x-ctf-2016-badge/


关于payload Staging的入门介绍

http://blog.cobaltstrike.com/2016/06/22/talk-to-your-children-about-payload-staging/


在audio开发中常见的4种错误

http://atastypixel.com/blog/four-common-mistakes-in-audio-development/


通过配置AsyncOS来提高email服务器的安全性

http://blogs.cisco.com/security/asyncos-10-0-for-cisco-email-security


Nemucod恶意欺诈勒索软件使用javascript和php结合来影响用户

http://news.softpedia.com/news/nemucod-ransomware-uses-javascript-and-php-concoction-to-infect-users-505486.shtml


32bit的 Chrome/Firefox在64bit windows上的高地址堆喷射

http://blog.skylined.nl/20160622001.html


介绍windows PFN数据库

http://rekall-forensic.blogspot.ch/2016/05/rekall-and-windows-pfn-database.html


分析PlugX Builder

http://blog.cybersecurity-airbusds.com/post/2016/06/Getting-a-PlugX-builder


Linux – ecryptfs 和 /proc/$pid/environ 提权poc

https://www.exploit-db.com/exploits/39992/


Necurs, Dridex, 和 Locky恶意欺诈家族的最近动向

http://www.malwaretech.com/2016/06/whats-happening-with-necurs-dridex-and.html


CylancePROTECT® vs. PlugX:JTB数据泄露影响793万日本人

https://blog.cylance.com/cylanceprotect-vs-plugx


‘GODLESS’ 移动恶意软件使用多个exploit来root手机

http://blog.trendmicro.com/trendlabs-security-intelligence/godless-mobile-malware-uses-multiple-exploits-root-devices/


流行的动漫站点Jkanime 被黑,访问者被指向NEUTRINO EK

https://blogs.forcepoint.com/security-labs/highly-popular-anime-site-jkanime-compromised-redirecting-users-neutrino-ek


资讯类:

黑客窃取美国1亿5千400万投票人记录

http://news.softpedia.com/news/hackers-breach-us-company-and-unwittingly-expose-154-million-voter-records-505553.shtml


Carbonite在线备份账号遭受密码重用攻击

http://www.theregister.co.uk/2016/06/22/carbonite_accounts_password_reuse_attack/?utm_source=dlvr.it&utm_medium=twitter


庞大的黑客攻击后,这些首席执行官们均给予加薪

http://www.zdnet.com/article/after-huge-hacks-these-chief-executives-were-given-a-raise/


NUCLEAR, ANGLER EXPLOIT KIT活动消失

https://threatpost.com/nuclear-angler-exploit-kit-activity-has-disappeared/118842/


数据泄露消息:

山东省联通手机/IMEI泄露

免责声明:文章内容不代表本站立场,本站不对其内容的真实性、完整性、准确性给予任何担保、暗示和承诺,仅供读者参考,文章版权归原作者所有。如本文内容影响到您的合法权益(内容、图片等),请及时联系本站,我们会及时删除处理。查看原文

为您推荐