http://p6.qhimg.com/t017313015b51e6034e.png


热点概要:识别和利用DLL预载入漏洞、intel发布新的技术保护ROP攻击、nt!NtMapUserPhysicalPages和内核Stack-Spraying技术、玩转CSRF之挖洞实例分享


国内热词:


 Chrome 55默认使用HTML5

 黑客从俄罗斯央行窃取了3100万美元

资讯类:


 来自CloudFlare的专家关注新的威胁僵尸网络

 http://securityaffairs.co/wordpress/54042/malware/new-mirai-like-botnet.html

技术类:


改善Email加密和安全认证

https://protonmail.com/blog/encrypted_email_authentication/

在stack overflow问的PHP问题中包含SQL注入漏洞的统计

https://laurent22.github.io/so-injections/

安全处理用户上传的文件

https://chloe.re/2016/12/04/dealing-with-user-uploaded-files/

使用反射XSS配合form-action绕过CSP

https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/

识别和利用DLL预载入漏洞

https://sensepost.com/blog/2016/rattleridentifying-and-exploiting-dll-preloading-vulnerabilities/

恶意软件CERBER 5.0.1采用新的多线程方法

http://blog.fortinet.com/2016/12/02/cerber-5-0-1-arrives-with-new-multithreading-method

Windows 内核利用:空指针引用

http://www.fuzzysecurity.com/tutorials/expDev/16.html

intel发布新的技术保护ROP攻击

http://blogs.intel.com/evangelists/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks/

DPAT:域密码审计工具

https://github.com/clr2of8/DPAT

SSH端口转发和隧道的使用

http://www.10degres.net/port-forwarding-and-tunneling/

nt!NtMapUserPhysicalPages和内核Stack-Spraying技术

http://j00ru.vexillium.org/?p=769

SAMRi10:在Windows 10/Server 2016中加固SAM远程访问

https://gallery.technet.microsoft.com/SAMRi10-Hardening-Remote-48d94b5b

对Shamoon 2.0 恶意软件的分析

https://www.codeandsec.com/Sophisticated-CyberWeapon-Shamoon-2-Malware-Analysis

玩转CSRF之挖洞实例分享

https://www.ohlinge.cn/web/web_csrf.html

Edge新增安全机制—MemGC

http://www.arkteam.net/?p=1393

文章原文链接:https://www.anquanke.com/post/id/85050