

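Highlights: birthday attacks against OpenVPN and 64-bit block ciphers, French submarine confidential data leaked, Linux privilege escalation explained, the leaked Cisco ASA exploit can be adapted to newer Cisco versions, understanding Zepto evasion techniques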

Trending topics in China:


France and Germany urge the EU to draft new rules for decrypting encrypted communications

French submarine confidential data leaked

FBI investigates Russian hacking of New York Times reporters

News:


Leaked documents show the NSA targeted Chinese firewall maker Huawei

https://motherboard.vice.com/read/nsa-huawei-firewalls-shadow-brokers-leak

Technical:


Delivering JS via SCT

https://gist.github.com/subTee/3610a16a54bcbc1fe0ebc46313f5c02e

Linux privilege escalation explained

http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/

How to mitigate Mimikatz WDigest cleartext credential theft

https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

d4rkarmy online zine claims to leak 0-days

https://www.cyberwarnews.info/2016/08/24/d4rkarmy-zine-extortion-leaks-0days-claims/

PINCE: a reverse engineering tool for Linux

https://github.com/korcankaraokcu/PINCE

WhatsApp Viewer: displays chat history from the msgstore.db.crypt5, .crypt7 and .crypt8 databases on Android devices

https://andreas-mausch.github.io/whatsapp-viewer/

Android malware targeting journalists is on the rise

https://iranthreats.github.io/resources/android-malware/

Analysis of the new Alma ransomware threat (including a decrypter)

https://info.phishlabs.com/blog/alma-ransomware-analysis-of-a-new-ransomware-threat-and-a-decrypter

Analysis of the Donoff macro malware that downloads ransomware

https://blog.threattrack.com/donoff-malicious-macro-zepto/

Kelihos botnet activity has risen significantly recently

https://www.malwaretech.com/2016/08/significant-increase-in-kelihos-botnet-activity.html

The leaked Cisco ASA exploit can be adapted to newer Cisco versions

http://www.securityweek.com/leaked-cisco-asa-exploit-adapted-newer-versions

Ransomware delivered via fraudulent voice messages

https://isc.sans.edu/diary/Voice+Message+Notifications+Deliver+Ransomware/21397

Understanding Zepto evasion techniques

https://blog.threattrack.com/understanding-zepto-evasion-techniques/

The insecurity of popular open source programs

https://paragonie.com/blog/2016/08/on-insecurity-popular-open-source-php-cms-platforms

Audible DRM scheme

https://recon.cx/2016/resources/slides/RECON-0xA-Audible-DRM-scheme.pdf

SWEET32: birthday attacks against OpenVPN and 64-bit block ciphers; related news coverage: http://arstechnica.com/security/2016/08/new-attack-can-pluck-secrets-from-1-of-https-traffic-affects-top-sites/

https://sweet32.info/

Original article link: https://www.anquanke.com/post/id/84447