SecWiki周刊(第69期)
2015/06/22-2015/06/28
安全资讯
[运维安全]  Domain name WHOIS anonymity hangs in the balance under ICANN proposal
http://arstechnica.com/tech-policy/2015/06/domain-name-whois-anonymity-hangs-in-the-balance-under-icann-proposal/
[恶意分析]  Not all anti-virus firms are of interest to the NSA and GCHQ
https://grahamcluley.com/2015/06/anti-virus-companies-nsa-gchq-leaked-documents-reveal/
[运维安全]  如何推动安全策略
http://www.ayazero.com/?p=54
[恶意分析]  North America hosts one in five of the world's botnets
http://www.v3.co.uk/v3-uk/news/2414188/north-america-hosts-one-in-five-of-the-worlds-botnets
[恶意分析]  NSA监控全球杀毒公司以获取病毒样本
http://www.cio.com.cn/eyan/397800.html?from=timeline&isappinstalled=0
[其它]  中国黑客
http://mp.weixin.qq.com/s?__biz=MTA3NDI5ODU0MQ==&mid=210013213&idx=1&sn=5871afead96d9515c060c3bc140b7767
[会议]  DEF CON’s first DEMO LABS
https://www.defcon.org/html/defcon-23/dc-23-demo-labs-schedule.html
安全技术
[移动安全]  CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox
https://github.com/idanr1986/cuckoo-droid
[移动安全]  基于Xposed的Hook工具-AndroidEagleEye
https://github.com/MindMac/AndroidEagleEye
[工具]  Black Hat USA 2015 小工具列表
https://www.blackhat.com/us-15/arsenal.html
[恶意分析]  Fireshark a free web analysis tool
http://fireshark.org/
[漏洞分析]  What is a "good" memory corruption vulnerability?
http://googleprojectzero.blogspot.com/2015/06/what-is-good-memory-corruption.html
[数据挖掘]  Intel* Deep Learning Framework
https://01.org/zh/intel-deep-learning-framework
[恶意分析]  VBScan - An Black Box vBulletin Vulnerability Scanner
http://www.kitploit.com/2015/06/vbscan-black-box-vbulletin.html?utm_source=dlvr.it&utm_medium=twitter
[恶意分析]  Magnitude EK: Traffic Analysis (08/05/2015)
http://www.fuzzysecurity.com/tutorials/21.html
[Web安全]  乌云2015年白帽子大会 puzzle writeup
http://summit.wooyun.org/puzzle/detail#!
[恶意分析]  Adobe Flash Zero-Day in APT3 Phishing Campaign
https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
[移动安全]  PATDroid (A Program Analysis Toolkit for Android)
https://github.com/mingyuan-xia/PATDroid
[恶意分析]  linux ddos恶意软件分析
http://drops.wooyun.org/tips/6711
[移动安全]  Android应用分析进阶教程之一- 初识JEBAPI
http://drops.wooyun.org/mobile/6665
[数据挖掘]  Natural Language Processing With Neo4j
http://www.lyonwj.com/2015/06/16/nlp-with-neo4j/
[运维安全]  企业安全管理(二)
http://drops.wooyun.org/tips/6683
[恶意分析]  AJAX Exploit Kit - Now At Scale
https://blog.fortinet.com/post/ajax-exploit-kit-now-at-scale
[Web安全]  EarthWorm:便携式的网络穿透工具
http://rootkiter.com/EarthWorm/
[移动安全]  对360通信录加密方式的技术分析
http://www.freebuf.com/articles/terminal/70802.html
[取证分析]  Report Template for Threat Intelligence and Incident Response
https://zeltser.com/cyber-threat-intel-and-ir-report-template/
[Web安全]  Advanced SQL Injection
https://blog.nvisium.com/2015/06/advanced-sql-injection.html
[漏洞分析]  Windows Kernel Exploitation : This Time Font hunt you down in 4bytes
https://speakerdeck.com/zer0mem/windows-kernel-exploitation-this-time-font-hunt-you-down-in-4bytes
[漏洞分析]  Analysis and Exploitation of an ESET Vulnerability
http://googleprojectzero.blogspot.com/2015/06/analysis-and-exploitation-of-eset.html
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第69期)