热点概要:metasploit双洞配合导致的远程反序列话RCE漏洞、CSAW QUALS 2016的所有关卡的writeup、添加Egress Brute Force(不停的测试外联的端口)到PowerShell Payloads
国内热词:
微软在北京设立技术透明中心,允许政府查看源代码
思科修复另一个Shadow Brokers 漏洞(密钥交换0day漏洞)
朝鲜不小心泄漏了它的.kp域名DNS数据
中国电信10月开始关停非实名固话及手机
新浪微博测试“谁看过我”功能
资讯类:
新的CRYSIS恶意欺诈软件使用 RDP暴力破解攻击
http://bestsecuritysearch.com/new-campaign-crysis-ransomware-rdp-brute-force-attacks/
android银行木马首先获取你的ROOT权限
https://threatpost.com/android-banking-trojan-first-to-gain-root-privileges/120707/
技术类:
metasploit静态key反序列化漏洞导致的RCE漏洞公告,尽快升级metasploit,中文预警在http://bobao.360.cn/learning/detail/3047.html
BackConnect的可疑BGP劫持行为
http://research.dyn.com/2016/09/backconnects-suspicious-bgp-hijacks/
Ruby OpenSSL + GCM Nonce的重用BUG
http://www.openwall.com/lists/oss-security/2016/09/19/9
CSAW QUALS 2016的所有关卡的writeup
https://github.com/isislab/CSAW-CTF-2016-Quals
https://github.com/ernw/ctf-writeups/tree/master/csaw2016
添加Egress Brute Force(不停的测试外联的端口)到PowerShell Payloads
http://www.blackhillsinfosec.com/?p=5290
几种技术的结合导致的Google基于DOM的XSS
http://sasi2103.blogspot.in/2016/09/combination-of-techniques-lead-to-dom.html
在移动操作系统上的恶意应用程序的威胁分析
https://www.ernw.de/download/newsletter/ERNW_Newsletter_55_Threat_Analysis_v1.0_signed.pdf
如何在BeagleBone的PRU单片机上运行C程序
http://www.righto.com/2016/09/how-to-run-c-programs-on-beaglebones.html
RogueKiller新增WMI扫描选项
http://www.adlice.com/roguekiller-inside-wmi-scanner/
Key Compromise Impersonation attacks (KCI)
http://cryptologie.net/article/372/key-compromise-impersonation-attacks-kci/
CVE-2016-3883:Android的付费短信警告处理漏洞公告
https://labs.mwrinfosecurity.com/assets/BlogFiles/android-premum-sms-advisory-2016-09-20.pdf
一些比较好的安全会议整理
https://github.com/PaulSec/awesome-sec-talks
ISAKMP扫描和潜在的漏洞
http://blog.shadowserver.org/2016/09/20/isakmp-scanning-and-potential-vulnerabilities/
文章原文链接:https://www.anquanke.com/post/id/84600
