热点概要:GMAIIL帐号劫持漏洞、Cylance研究人员发现的投票机漏洞的细节文档、Tumblr XSS漏洞利用、
国内热词:
中国实现超400公里量子密钥分发 创造世界纪录
Facebook实名制步履维艰 部分用户转用其他网站
网贷监管效果初现 四成网贷平台主动停业良性退出
资讯类:
通过隐蔽的Pin控制攻击PLC系统
http://securityaffairs.co/wordpress/53069/hacking/plc-attacks.html
小心:新的LinedIN钓鱼邮件开始蔓延
http://securityaffairs.co/wordpress/53121/cyber-crime/linkedin-phishing.html?
技术类:
GMAIIL帐号劫持漏洞
http://blog.securityfuse.com/2016/11/gmail-account-hijacking-vulnerability.html
对X3DH(扩展的哈夫曼KEY交换协议)协议的介绍
https://whispersystems.org/docs/specifications/x3dh/
Maldoc With Process Hollowing Shellcode
https://blog.didierstevens.com/2016/11/02/maldoc-with-process-hollowing-shellcode/
rainmap-lite:基于web接口的nmap扫描
https://github.com/cldrn/rainmap-lite
Angry垃圾邮件和欺骗性的宏来投放更新版的hancitor恶意软件
https://blog.fortinet.com/2016/11/02/the-angry-spam-and-the-tricky-macro-delivers-updated-hancitor
sundown 恶意工具利用包开始投放locky勒索软件
昨天推送的Cylance研究人员发现的投票机漏洞,这个是漏洞细节文档
http://votingsystems.cdn.sos.ca.gov/oversight/ttbr/sequoia-source-public-jul26.pdf
Sophos Web Appliance RCE漏洞
https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt
PHV 2016 安全会议视频
https://www.youtube.com/channel/UCnL9S5Wv_dNvO381slSA06w
塔夫茨大学计算机科学系2016年秋季计算机安全课程
https://tuftsdev.github.io/DefenseAgainstTheDarkArts/
Tumblr XSS Exploit
http://blog.andrewlang.net/post/152805939304/tumblr-xss-exploit
揭露暗网服务
https://mascherari.press/untangling-the-dark-web-hackfest-november-2016/
url-collector-telegram:telegram url 收集脚本
https://github.com/cldrn/url-collector-telegram
PortSwigger’s的高级自动化web测试
深入分析 x86/x64 二进制
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_andriesse.pdf
面向开发者的最好的Android库
https://cloudrail.com/best-android-libraries-for-developers/
CTX:防护Breach攻击
FindBugs项目已经不再支持 :(
https://mailman.cs.umd.edu/pipermail/findbugs-discuss/2016-November/004321.html
Hack the Lord of the Root VM (CTF Challenge)
http://www.hackingarticles.in/hack-lord-root-vm-ctf-challenge/
Apple OS X – Kernel IOBluetoothFamily.kext UAF漏洞POC
https://www.exploit-db.com/exploits/40652/
文章原文链接:https://www.anquanke.com/post/id/84858
