
1、Cloudflare enables Universal DNSSEC, adding DNS security for every domain

https://blog.cloudflare.com/introducing-universal-dnssec/

2、Malware collection and analysis via hardware virtualization

http://tklengyel.com/thesis.pdf


3、Analysis of the Darkhotel trojan's "just-in-time" decryption

http://labs.lastline.com/defeating-darkhotel-just-in-time-decryption

4、AAMO: an Android malware obfuscation tool

https://github.com/necst/aamo


5、Adobe Flash CVE-2015-7663: analysis and mitigations

https://www.endgame.com/blog/adobe-flash-vulnerability-cve-2015-7663-and-mitigating-exploits

6、THC-IPV6-ATTACK-TOOLKIT: release of the IPv6 attack toolkit from the well-known hacker group THC

https://github.com/vanhauser-thc/thc-ipv6


7、Minnowboard Max: Booting Linux Securely

http://prosauce.org/blog/2015/10/31/booting-linux-securely

8、Cuckoo sandbox on Mac OS X

https://www.honeynet.org/node/1275


9、NCC Group releases a tool that generates Snort rules from public IP reputation data

https://github.com/nccgroup/IP-reputation-snort-rule-generator

10、Dissecting Inline Hooks

http://www.binaryguard.com/bgc/malware/sandbox/2015/11/09/dissecting_inline_hooks.html


11、Linux ransomware uses time() to generate its key, making the encryption key predictable

http://labs.bitdefender.com/2015/11/linux-ransomware-debut-fails-on-predictable-encryption-key/

12、pledge: a new mitigation mechanism from the OpenBSD project

http://www.openbsd.org/papers/hackfest2015-pledge/mgp00001.html


13、Jenkins unauthenticated account recovery vulnerability

https://www.exploit-db.com/exploits/38664/

14、CVE-2015-6038: Microsoft Office Excel uninitialized pointer remote code execution vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-15-543/


15、CVE-2015-6094 (MS15-116): Microsoft Office Excel use-after-free remote code execution vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-15-546/

16、MS15-118 – Important: Security Update for .NET Framework to Address Elevation of Privilege (3104507) – Version: 1.0 (.NET Framework elevation of privilege vulnerability)

https://technet.microsoft.com/en-us/library/security/MS15-118


17、Bookworm trojan analysis

http://researchcenter.paloaltonetworks.com/2015/11/bookworm-trojan-a-model-of-modular-architecture/

Original article link: https://www.anquanke.com/post/id/82887