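Highlights: Cisco patches 0-day vulnerabilities leaked by the Shadow Brokers; overview of the exploits released by the Shadow Brokers group; some Black Hat USA 2016 videos released; bypassing UAC with TpmInit.exe; Operation Ghoul, targeted attacks on industrial and engineering organizations
Trending topics in China:
Google faces a new lawsuit over scanning Gmail messages
The Pirate Bay is once again the most popular BitTorrent site
Malware that steals banking login credentials found on the Google Ads platform
News:
Cisco patches 0-day vulnerabilities, including those leaked by the Shadow Brokers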
http://news.softpedia.com/news/cisco-patches-zero-day-exposed-in-shadow-brokers-leak-507410.shtml
Data leak at the well-known analytics company Social Blade
http://www.securityweek.co.uk/user-data-leaked-analytics-company-social-blade
Technical:
New FFS Rowhammer attack hijacks Linux virtual machines
http://news.softpedia.com/news/new-ffs-rowhammer-attack-targets-linux-vm-setups-507290.shtml
Technical analysis of the Shakti trojan
https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-technical-analysis/
Some Black Hat USA 2016 videos
https://www.youtube.com/playlist?list=PLH15HpR5qRsXm0-rMacuWBxWcB2fmsmEw
Exploits in the EPICBANANAS and EXTRABACON folders released by the Shadow Brokers group
https://blogs.cisco.com/security/shadow-brokers
Samsung Galaxy Apps man-in-the-middle hijacking vulnerabilities
https://www.evilsocket.net/2016/08/17/Samsung-Galaxy-Apps-MITM-Vulnerabilities/#.V7Q50Y6erEo.reddit
In-depth analysis of the CryptXXX ransomware
http://blogs.cisco.com/security/cryptxxx-technical-deep-dive
From website-locker to DDoS: Rex!
https://thisissecurity.net/2016/08/17/from-website-locker-to-ddos-rex/
Azurite: a tool for enumerating and investigating Microsoft Azure cloud environments
https://github.com/mwrlabs/Azurite
fork() without exec() is dangerous in large programs
http://www.evanjones.ca/fork-is-dangerous.html
Stagefright: an Android exploitation case study
../../sites/default/files/conference/protected-files/woot16_slides_drake.pdf
A few simple steps for personal security
https://gist.github.com/grugq/353b6fc9b094d5700c70
Bypassing UAC with TpmInit.exe
http://uacmeltdown.blogspot.nl/
Aveo malware family targets Japanese-speaking users
http://researchcenter.paloaltonetworks.com/2016/08/unit42-aveo-malware-family-targets-japanese-speaking-users/
Operation Ghoul: targeted attacks on industrial and engineering organizations
https://securelist.com/blog/research/75718/operation-ghoul-targeted-attacks-on-industrial-and-engineering-organizations/
Analyzing web application test data with WASEQuery
https://patzke.org/analyzing-web-application-test-data-with-wasequery.html