SecWiki周刊（第141期)

SecWiki周刊（第141期）

2016/11/07-2016/11/13

安全资讯

[事件] 瑞士电信公司遭黑客攻击泄露瑞士全国30000+基础设施
http://www.mottoin.com/91457.html

[事件] 最近的网络世界有点儿不平静
http://mp.weixin.qq.com/s?__biz=MzAwMTUyMjQ5OA==&mid=2650963329&idx=1&sn=fb726902467e9bf8d92e61289c5e0d16&chksm=812eb3acb6593aba96ba2607a8816e836fc1c4ccd50f88eacb2c9ffa40b64018ca1012bc7b50&mpshare=1&scene=1&srcid=1108ykyiBuPS9IusXw50EwMt#wechat_redir

[运维安全] OWASP ModSecurity Core Rule Set Version 3.0.0 Released
https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2016-November/002265.html

[移动安全] 11月安卓安全补丁风险评估
http://appscan.360.cn/blog/?p=171

[移动安全] Google阻止一起利用恶意AdSense 广告的攻击
http://www.solidot.org/story?sid=50302

[事件] 加拿大“ODAC”监控计划曝光已非法保留十年的元数据
http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655294562&idx=1&sn=aebb731a26903372f145da1a39d6f31d&chksm=f02fe829c758613f49b51717075785d72f7f860a8cc15d4f62857ca6177d4647c5e2e68e9785&mpshare=1&scene=1&srcid=11054pakXaFJDsMdVp5MhkFK#rd

[设备安全] 《工业控制系统信息安全防护指南》解读
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057656/n3057660/c5346569/content.html?from=timeline&isappinstalled=0

[法规] 《网络安全法》草案三次审议稿（全文）
https://www.easyaq.com/newsdetail/id/895852407.shtml

[恶意分析] Heimdall Open-Source PHP Ransomware Targets Web Servers
http://www.bleepingcomputer.com/news/security/heimdall-open-source-php-ransomware-targets-web-servers/

[其它] Russian Intel Bots Are Boosting Infowars Alt-Right Twitter Accounts For Trump
http://heatst.com/world/russian-intel-bots-are-boosting-infowars-alt-right-twitter-accounts-for-trump/

[人物] 【人物】吴树鹏：变动不居，四十不惑
http://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876060&idx=1&sn=202d24cc2e1ba7c8c239c7c4c3f95243&chksm=f3414234c436cb2287fa1b48ef117c18a86a734e3f7c6a694aea9d5e42c3c742742243b8a9b2&scene=0#rd

[会议] CSS 2016 安全盛会：量子通信、数字空间、认知安全
http://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876120&idx=1&sn=4cbfe9fa0c5bc5c39bad1560ed03b9cd&chksm=f3414270c436cb66d4b9d62b83ef056c74e01dd3c8734d7678cc56046fdfc67d6be9cdf2c9d1&scene=0#rd

[新闻] 阿桑奇惊天指控希拉莉与IS同一金主
http://dailynews.sina.com/gb/news/int/kwongwah/20161105/22397593710.html

[新闻] 特朗普上台后必须考虑的10大关键网络安全问题
http://www.mottoin.com/91742.html

[事件] DTCC调查显示：网络威胁已经成为全球金融系统排名第一的风险
http://www.mottoin.com/91757.html

[事件] 美国联邦调查局是如何在8天内检查完65万封电子邮件的
http://www.mottoin.com/91467.html

[其它] 黑客小说杀手（第九章恶作剧）
http://www.jianshu.com/p/097d82a208f1

[法规] 网络安全法来了，对个人和企业有哪些影响
http://news.xinhuanet.com/legal/2016-11/10/c_1119887226.htm

[新闻] GCHQ wants internet providers to rewrite systems to block hackers
http://www.telegraph.co.uk/technology/2016/11/05/gchq-wants-internet-providers-to-rewrite-systems-to-block-hacker/

[人物] 黑客炼金术士 Seeker：可以攻破 4G 摸到你短信，还要为朝阳群众提供谍战工具
http://mp.weixin.qq.com/s?__biz=MzA4ODUxNjIwMg==&mid=2654323727&idx=1&sn=ea96b6f3935d8d2720ff413943af9367&chksm=8be9970abc9e1e1c3df7312a82e30b2a4554be6e3258a66eb300ed6a2dfee985e4d5c2168b20&mpshare=1&scene=2&srcid=1110scyGRL4q3Bnftk0qfvCo&from=timeline#rd

安全技术

[论文] CCS 2016 安全顶级会议视频
https://www.youtube.com/channel/UCUuxpXcE3S0Uu14JIEGn5vA

[Web安全] CTF常见php猥琐小段代码审计
https://github.com/louchaooo/louchaooo.github.io/issues/20

[运维安全] F-Scrack: 一款Python编写的轻量级弱口令检测脚本
https://github.com/ysrc/F-Scrack

[恶意分析] 使用IMA扩展Linux可执行日志记录
http://www.mottoin.com/91717.html

[移动安全] Android 应用重打包检测的新姿势
http://securitygossip.com/blog/2016/11/07/2016-11-07/

[其它] IoT Goes Nuclear: Creating a ZigBee Chain Reaction[PDF]
http://iotworm.eyalro.net/iotworm.pdf

[无线安全] WiFi-Based IMSI Catcher
https://www.blackhat.com/docs/eu-16/materials/eu-16-OHanlon-WiFi-IMSI-Catcher.pdf

[会议] 带你走进维也纳版的CCS2016（现场报告点评一）
http://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652306979&idx=1&sn=c0be042daccf25bde617c0bad4c53594&chksm=8bc563adbcb2eabbb882c08281d9f4fecaa8061dd87a8766d373ad2b7f66a08313befb9cca5a&scene=0#rd

[编程技术] geoip-attack-map:Cyber Security GeoIP Attack Map Visualization
https://github.com/matcmay/geoip-attack-map

[恶意分析] 物联网僵尸Mirai源码分析和沙箱运行演示
http://www.freebuf.com/articles/network/119403.html

[运维安全] 自制攻击欺骗防御系统
https://www.xsec.io/2016/11/2/how-to-develop-a-unreal.html

[编程技术] 云计算Docker虚拟化公益大讲坛
http://list.youku.com/albumlist/show?id=23813235&ascending=1&page=1

[恶意分析] PhishFinder: Hook, Line and Sinker 自动化分析钓鱼网站
https://blog.opendns.com/2016/11/11/phishfinder-hook-line-sinker/

[运维安全] 【公益译文】威胁情报的定义及使用
http://blog.nsfocus.net/threat-intelligence-definition/

[无线安全] WiFi渗透流程整理
http://www.ohvirus.com/1.code/2016-10-19-wifi-safe-step.html

[数据挖掘] 使用sklearn做单机特征工程
http://www.cnblogs.com/jasonfreak/p/5448385.html

[其它] Collective Intelligence Framework
http://csirtgadgets.org/

[运维安全] urlwatch: A tool for monitoring webpages for updates
https://github.com/thp/urlwatch

[Web安全] Clever Gmail Hack Let Attackers Take Over Accounts
https://threatpost.com/clever-gmail-hack-let-attackers-take-over-accounts/121818/

[数据挖掘] spaCy: Industrial-strength Natural Language Processing (NLP) with Python
https://github.com/explosion/spaCy

[Web安全] Bypass Imperva by confusing HTTP Pollution Normalization Engine
http://seclists.org/fulldisclosure/2016/Nov/22?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29

[移动安全] Nathan：Android安全测试模拟器
http://www.mottoin.com/91660.html

[其它] BlackNurse Denial of Service Attack
http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-Attack

[Web安全] Tplmap：一个自动化的服务端模板注射攻击检测和漏洞利用工具
http://www.mottoin.com/91727.html

[移动安全] Build Your Own PwnPhone
https://n0where.net/build-your-own-pwnphone/

[恶意分析] 打造免杀JScript
http://www.mottoin.com/91459.html

[比赛] 第四届通信网络安全知识技能竞赛心得与部分writeup
http://www.mottoin.com/91586.html

[漏洞分析] 使用浏览器的计算力，对抗密码破解
https://www.cnblogs.com/index-html/p/frontend_kdf.html

[Web安全] Gmail帐号劫持漏洞
http://www.mottoin.com/91406.html

[Web安全] Crawlic: Web recon tool (扫描临时文件、目录和子域名查询)
https://github.com/Ganapati/Crawlic

[编程技术] Cyber security geoip attack map that follows syslog and parses IPs/port numbers
https://github.com/matcmay/geoip-attack-map/

[漏洞分析] 漏洞预警：D-Link路由器远程命令执行
http://www.mottoin.com/91571.html

[移动安全] Disassembling a Mobile Trojan Attack
https://securelist.com/blog/research/76286/disassembling-a-mobile-trojan-attack/

[Web安全] 利用服务端请求伪造（SSRF）攻击进入内网
http://www.mottoin.com/91641.html

[编程技术] 国内互联网公司的开源项目汇集
http://www.tuicool.com/wx/riMNraa?from=timeline&isappinstalled=0

[其它] PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tan
https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/

[Web安全] Automated W3AF Scanning with Slack Alerting
http://jerrygamblin.com/2016/11/09/automated-w3af-scanning-with-slack-alerting/

[Web安全] 利用 Python 代码实现 Web 应用的注入
http://www.mottoin.com/91638.html

[恶意分析] MalwareTech绘制Mirai等僵尸网络地图
http://mp.weixin.qq.com/s?__biz=MzI4ODA4MTcxMA==&mid=2649549995&idx=1&sn=dd4bc55b1fc0c073141b109f9652161e&chksm=f3db9eeac4ac17fcf82823c575d65d9e93c0d70fa96dbe2f3bc12dff26fb51144417acd4b41e&scene=0#rd

[编程技术] HeadlessBrowsers: Ajax爬虫技术中的无界面浏览器集合
https://github.com/dhamaniasad/HeadlessBrowsers

[设备安全] 产业发展新势能：读《工业控制系统信息安全防护指南》的管窥之见
http://plcscan.org/blog/2016/11/guide-for-information-security-protection-of-industrial-control-systems/?from=timeline&isappinstalled=0

[漏洞分析] 漏洞预警：Sophos Web Appliance远程代码执行漏洞
http://www.mottoin.com/91413.html

[文档] Python basic cheatsheet
https://www.pythonsheets.com/notes/python-basic.html

[工具] DRAKVUF：黑盒二进制分析平台
http://www.mottoin.com/91636.html

[Web安全] novahot： A webshell framework for penetration testers.
https://github.com/chrisallenlane/novahot

[Web安全] Tumblr XSS Exploit
http://blog.andrewlang.net/post/152805939304/tumblr-xss-exploit

[运维安全] kids：知乎日志系统开源
https://zhuanlan.zhihu.com/p/19919584?refer=hackers

[Web安全] Mac OSX系统下的渗透利用工具Empyre
http://www.freebuf.com/sectool/118715.html

[移动安全] MMeTokenDecrypt：Decrypts and extracts iCloud and MMe authorization tokens
https://github.com/manwhoami/MMeTokenDecrypt

[Web安全] pentest-wiki: 渗透测试分阶段资料库
https://github.com/nixawk/pentest-wiki

[杂志] SecWiki周刊（第140期)
https://www.sec-wiki.com/weekly/140

[漏洞分析] POINTYFEATHER aka Tar extract pathname bypass
https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt

[运维安全] TheHive: A Scalable, Open Source and Free Incident Response Platform
https://blog.thehive-project.org/2016/11/07/introducing-thehive/

[编程技术] Wukong 反作弊系统缓存的优化
https://zhuanlan.zhihu.com/p/23509238

[工具] Azurite：一款云服务安全审计工具
http://www.mottoin.com/91483.html

[运维安全] 深度剖析开源分布式监控系统CAT的设计思路
http://mp.weixin.qq.com/s?__biz=MjM5MDE0Mjc4MA==&mid=2650994700&idx=1&sn=1707a511b34b83fcc72863502bd63ee1&chksm=bdbf005f8ac88949ba212e9b82a98945f15a1e0ea17279a37ca4df5b127481dcdd7973bbb549&scene=0#rd

[恶意分析] 一次XorDDos变种样本的分析实战记录(附工具下载）
http://www.freebuf.com/articles/system/119374.html

[工具] Radium-Keylogger：基于Python的多功能键盘记录
http://www.mottoin.com/91644.html

[Web安全] SQLi, Privilage Escalation, and PowerShell Empire
https://glanfield.co.uk/sqli-privilage-escalation-and-powershell-empire/

[设备安全] Tracking The IoT Botnet Army
https://www.pwnieexpress.com/blog/tracking-the-iot-botnet-army?utm_content=41783430&utm_medium=social&utm_source=twitter

[论文] 带你走进维也纳版的CCS2016（现场报告点评二）
http://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652306988&idx=1&sn=4e75122a5a31b1e7f4d18eb66774bb91&chksm=8bc563a2bcb2eab43dfc0b7d65f5114bd6ade03dc6ee33f31eb5fb896382a2b385e235ea86f9&scene=0#rd

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第141期)

SecWiki周刊（第141期）

最新公告

友情链接

SecWiki公众号

安全学术圈