SecWiki Weekly (Issue 138)
2016/10/17-2016/10/23
Security News
[Conference]  Dianrong Autumn Security Salon: October 30, Shanghai, waiting for you.
http://www.freebuf.com/fevents/117176.html
[News]  Russia Hackers to Blame for Wikileaks Emails
http://www.esquire.com/news-politics/a49791/russian-dnc-emails-hacked/
[News]  Arrested NSA contractor stole 50 TB of data
http://www.solidot.org/story?sid=50083
[Incident]  Yahoo Asks DNI to De-Classify Email Scanning Order
https://threatpost.com/yahoo-asks-dni-to-de-classify-email-scanning-order/121416/
Security Technology
[Web Security]  Analysis of an arbitrary file inclusion vulnerability in a certain phpmyadmin version (no login required)
https://www.92aq.com/2016/08/23/phpmyadmin-arbitrary-file-include.html
[Web Security]  [Code Audit] Further thoughts on the Beescms SQL injection vulnerability
https://www.ohlinge.cn/php/beescms_login_sql.html
[Mobile Security]  How a stolen iPhone gets unlocked by hackers, step by step
http://bobao.360.cn/news/detail/3670.html
[Web Security]  Introduction to XSS (cross-site scripting) and code-level defenses
http://blog.csdn.net/qq_29277155/article/details/52895135
[Web Security]  Kali tutorial, Chinese and English versions (offline)
https://github.com/louchaooo/kali-tools-zh
[Mobile Security]  Android Linker and SO packing techniques, part 1
http://yaq.qq.com/blog/14
[Web Security]  GourdScanV2: a passive vulnerability scanning system
https://github.com/ysrc/GourdScanV2
[Vulnerability Analysis]  CVE-2016-6187: Exploiting Linux kernel heap off-by-one
https://cyseclabs.com/blog/cve-2016-6187-heap-off-by-one-exploit
[Web Security]  wooyun-wiki: partial snapshot pages of wiki.wooyun.org
https://github.com/l3m0n/wooyun-wiki
[Vulnerability Analysis]  Analysis of the NSA Equation Group BANANAGLEE toolset
http://blog.jowto.com/?p=180
[Malware Analysis]  Hacking JasperReports: hidden SHELL characteristics
http://www.mottoin.com/90582.html
[Operations Security]  Malicious Outlook Rules
https://silentbreaksecurity.com/malicious-outlook-rules/
[Data Mining]  Recognizing simple CAPTCHAs with machine learning
https://www.iswin.org/2016/10/15/Simple-CAPTCHA-Recognition-with-Machine-Learning/
[Video]  [ISC 2016 video highlights] HackPwn smart home robot hacking show
http://bobao.360.cn/course/detail/171.html
[Malware Analysis]  Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Days
http://researchcenter.paloaltonetworks.com/2016/10/unit42-palo-alto-networks-discovers-two-adobe-reader-privileged-javascript-zero-days/
[Vulnerability Analysis]  Exploit generation and JavaScript analysis automation with WinDBG
http://theevilbit.blogspot.hk/2016/10/exploit-generation-and-javascript.html
[Forensics]  Vin.place and Airbag: lookup platforms for US vehicle identification numbers and names
https://nullsecure.org/introducing-airbag-maltego-transforms-for-vehicles-and-addresses/
[Vulnerability Analysis]  “Dirty COW” Race Condition Privilege Escalation (SUID)
http://www.mottoin.com/90834.html
[Malware Analysis]  Decoders for 7ev3n ransomware
https://hshrzd.wordpress.com/2016/06/13/decoder-for-7ev3n-ransomware/
[Competition]  A discussion of PHP deserialization vulnerabilities, starting from a HITCON 2016 web challenge
http://www.freebuf.com/vuls/116705.html
[Vulnerability Analysis]  Dirty COW (CVE-2016-5195) privilege escalation vulnerability in the Linux
https://dirtycow.ninja/
[Data Mining]  Extracting character relationships in "Train to Busan" with Python
http://www.jianshu.com/p/3bd06f8816d7#
[Web Security]  BurpSuite plugin sharing: a GUI plugin for recomputing sign values and encrypting/decrypting parameters
http://www.mottoin.com/90666.html
[Malware Analysis]  MBRFilter: Open Source Tool to Protect Against 'Master Boot Record' Malware
http://thehackernews.com/2016/10/protect-mbr-malware.html
[Vulnerability Analysis]  Analysis of the Spring Security OAuth RCE vulnerability (CVE-2016-4977)
http://paper.seebug.org/70/
[Malware Analysis]  Errata Security: Some notes on today's DNS DDoS
http://blog.erratasec.com/2016/10/some-notes-on-todays-dns-ddos.html
[Forensics]  Extracting LastPass Site Credentials from Memory
https://techanarchy.net/2016/10/extracting-lastpass-site-credentials-from-memory/
[Data Mining]  Data mining with sklearn
https://www.52ml.net/20158.html
[Malware Analysis]  Windows zero-day exploit used in targeted attacks by FruityArmor APT
https://securelist.com/blog/research/76396/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/
[Web Security]  Bypassing the Chrome and IE XSS filters with XML internal entities
http://paper.seebug.org/80/
[Programming]  inficere: Mac OS X rootkit - for learning purposes
https://github.com/enzolovesbacon/inficere
[Other]  Writing style guide for Chinese technical documentation
http://www.ruanyifeng.com/blog/2016/10/document_style_guide.html
[Data Mining]  Single-machine feature engineering with sklearn
https://www.52ml.net/20145.html
[Mobile Security]  Hacking any Android phone with the Spade APK backdoor
http://www.mottoin.com/90613.html
[Magazine]  SecWiki Weekly (Issue 137)
https://www.sec-wiki.com/weekly/137
[Web Security]  CSP: present and future
http://www.freebuf.com/articles/web/116836.html
[Mobile Security]  The full process of discovering and analyzing the QQ mobile browser "Wormhole vulnerability"
http://appscan.360.cn/blog/?p=165
[Other]  On my growth at Alibaba
http://www.barretlee.com/blog/2016/10/21/my-growth-at-alibaba/
[Mobile Security]  android_vuln_poc-exp: pocs and exploits for android vulnerabilities
https://github.com/jiayy/android_vuln_poc-exp
[Data Mining]  An awesome list of high-quality open datasets
https://github.com/caesar0301/awesome-public-datasets
[Paper]  Human or malware? Detection of malicious Web requests
https://e-collection.library.ethz.ch/eserv.php?pid=eth:49738&dsID=eth-49738-01.pdf
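[Device Security]  [Public-interest translation] Detection, correlation and presentation of attacks on critical infrastructure systems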
http://blog.nsfocus.net/detection-association-presentation-critical-infrastructure-system-attacks/
[Device Security]  Large numbers of ZIO ROUTER routers allow unauthorized access
http://t.tips/?action=show&id=23417
[Operations Security]  Anatomy of UAC attacks
http://www.mottoin.com/90755.html
[Magazine]  Android security engineer: security skills
https://www.sec-wiki.com/skill/8
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki: https://www.sec-wiki.com
