SecWiki周刊(第277期)
2019/06/17-2019/06/23
安全资讯
[新闻]  阿根廷全国大停电
https://mp.weixin.qq.com/s/0p_QrSpJuGSc3IaQB2NMMw
[新闻]  SSH 加入抵御边信道攻击的功能
https://www.solidot.org/story?sid=61080
[观点]  上市网络安全公司现状及战略分析
https://mp.weixin.qq.com/s/3mfChyt7r4rn07tHg_q8NA
[法规]  网络安全漏洞管理规定(征求意见稿)
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057724/n3057728/c7005976/content.html
安全技术
[Web安全]  详解内网渗透之环境架设
https://www.freebuf.com/articles/network/204769.html
[编程技术]  Python 工匠
https://github.com/piglei/one-python-craftsman
[Web安全]  自助安全扫描与代码审计系统架构实践
https://mp.weixin.qq.com/s/3N3eJzTaMwbznL_aofOjnQ
[Web安全]  F-NAScan-PLUS 安服资产搜集
https://github.com/PINGXcpost/F-NAScan-PLUS
[数据挖掘]  2019年海南省安全等保类项目分析报告
http://www.zhaobiaoneican.com/mobile/analysisDetails?id=95d4314b2cff40648378a672cad4e910
[设备安全]  D-Link路由器HNAP协议系列漏洞披露
https://mp.weixin.qq.com/s/jftToJwRUaHy1cRTxn2aOw
[取证分析]  记一次应急中发现的诡异事件
https://www.freebuf.com/geek/205497.html
[Web安全]  CobaltStrike+MetaSploit 实战联动
https://mp.weixin.qq.com/s/x0txdB7tMEIg1W4v_ZK7Tg
[Web安全]  基于攻防演练的社会工程案例猜想
https://zhuanlan.zhihu.com/p/67953724
[运维安全]  保障IDC安全:分布式HIDS集群架构设计
https://tech.meituan.com/2019/01/17/distributed-hids-cluster-architecture-design.html
[设备安全]  基于 Attiny 85 开发板的 BadUSB 攻击实战
https://laucyun.com/d2faa91d255786348f1399d40229ee68.html
[取证分析]  GScan: Linux主机侧Checklist的自动全面化检测
https://github.com/grayddq/GScan
[恶意分析]  A Remote Access Tool Using Slack as a C2 Channel
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
[观点]  Gartner2019年十大安全项目详解
https://mp.weixin.qq.com/s/dBw_z9oNoTRUQNVTkf1l_w
[杂志]  SecWiki周刊(第276期)
https://www.sec-wiki.com/weekly/276
[取证分析]  一次基于GAO报告的暗网追踪比特币枪支销售的OSINT调查
https://www.4hou.com/technology/18621.html
[漏洞分析]  WhatsApp缓冲区溢出漏洞分析
https://www.anquanke.com/post/id/180459
[恶意分析]  Getting Started with ATT&CK: Detection and Analytics
https://medium.com/mitre-attack/getting-started-with-attack-detection-a8e49e4960d0
[取证分析]  Evading Sysmon DNS Monitoring
https://blog.xpnsec.com/evading-sysmon-dns-monitoring/
[Web安全]  Subdomain takeover via Ngrok service​
https://blog.pareshparmar.com/subdomain-takeover-ngrok/
-----微信ID:SecWiki-----
SecWiki,5年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第277期)