http://p8.qhimg.com/t0105eadd526b531a1d.png


热点概要:使用便宜的设备绕过iphone 5c的passcode的重试限制、CVE-2016-3351补丁绕过、使用Pineapple NANO, OS X 和 BetterCap构建一个wifi渗透平台

国内热词:

Bruce Schneier 警告有人正在学习搞垮互联网

Google正变成一个偏执的跟踪狂

GCHQ计划建立基于DNS的国家防火墙

反马赛克技术出现 以后照片打码也没用了

资讯类:

计算机黑客一年可通过漏洞平台盈利10万美金

http://www.businessinsider.com/how-many-hackers-earn-over-100000-a-year-2016-9/

技术类:

使用Pineapple NANO, OS X 和 BetterCap构建一个wifi渗透平台

https://www.evilsocket.net/2016/09/15/WiFi-Pineapple-NANO-OS-X-and-BetterCap-setup/

一系列的文章让你明白TOR的架构

http://jordan-wright.com/blog/2015/02/28/how-tor-works-part-one/

firefox和Tor浏览器中的Certificate pinning漏洞

http://seclists.org/dailydave/2016/q3/51

NAXSI是一款开源的,高性能,低规则维护Nginx的WAF

https://github.com/nbs-system/naxsi

The bumpy road towards iPhone 5c NAND mirroring [主要讲解使用便宜的设备绕过iphone 5c的passcode的重试限制]

https://arxiv.org/pdf/1609.04327v1.pdf

寻找Signal聊天软件中的漏洞第一部分

https://pwnaccelerator.github.io/2016/signal-part1.html

#LabyREnth CTF Windows Track 的1-6关卡的writeup

http://researchcenter.paloaltonetworks.com/2016/09/labyrenth-capture-the-flag-ctf-windows-track-1-6-solutions/

NetBSD mail.local 提权POC

https://packetstormsecurity.com/files/138733/netbsd_mail_local.rb.txt

可以轻松进行802.1Q VLAN Hopping攻击的工具

https://github.com/commonexploits/vlan-hopping

CVE-2016-3374 (MS16-115):windows PDF库信息泄露漏洞

http://blog.malerisch.net/2016/09/microsoft–out-of-bounds-read-pdf-library-cve-2016-3374.html

VB2016会议上安全专家将演示GPS更多攻击风险

https://www.virusbulletin.com/blog/2016/september/turns-out-gps-technology-more-vulnerable-cyberattack-ever-security-expert-demonstrates/

Tommy Boy 1 VulnHub Writeup

https://g0blin.co.uk/tommy-vulnhub-writeup/

CVE-2016-3351补丁绕过,AdGholas广告活动用于针对客户端攻击

http://blog.trendmicro.com/trendlabs-security-intelligence/microsoft-patches-ieedge-zeroday-used-in-adgholas-malvertising-campaign/

文章原文链接:https://www.anquanke.com/post/id/84570