2016-02-23 10:47:53 Source: 360安全播报
1. As Wired magazine reported, hacking a power plant is not easy
https://blindseeker.com/blahg/?p=774
2. WebSocket-based egress buster (a technique that tries ports 1-65535 to see which ones can reach out of the network)
http://www.shellntel.com/blog/2016/2/19/websocket-based-egress-buster
3. CVE-2016-2384: analysis of a double-free in the usb-midi Linux kernel driver leading to arbitrary code execution
https://xairy.github.io/blog/2016/cve-2016-2384
4. CVE-2016-0034 has been used in exploitpack
http://malware.dontneedcoffee.com/2016/02/cve-2016-0034.html
5. Reducing false positives with open data sources
https://isc.sans.edu/diary/Reducing+False+Positives+with+Open+Data+Sources/20755
6. VolatilityBot: malicious code unpacking and extraction
https://www.virusbulletin.com/blog/2016/02/vb2015-paper-volatilitybot-malicious-code-extraction-made-and-security-researchers/
7. A preview of the Data Protection API (DPAPI)
http://blog.digital-forensics.it/2015/01/happy-dpapi.html
8. Incident handling with Docker containers
https://blog.rootshell.be/2016/02/22/incident-handling-docker-to-the-rescue/
9. Free online tools for investigating potentially malicious websites
https://zeltser.com/lookup-malicious-websites/
10. Private iOS store client successfully evaded Apple iOS code review
http://researchcenter.paloaltonetworks.com/2016/02/pirated-ios-app-stores-client-successfully-evaded-apple-ios-code-review/
11. Chinese iOS developers abuse Apple app testing certificates to install private apps
http://www.csoonline.com/article/3036299/security/chinese-devs-abuse-free-apple-app-testing-certs-to-install-pirated-apps.html#tk.rss_all
12. Bro plugin for detecting and decrypting XOR-encrypted EXE files
https://github.com/broala/bro-xor-exe-plugin
13. Open library: free security book downloads
https://openlibra.com/en/collection/search/category/security_books
14. Reverse engineering the ARM1 processor's microarchitecture
http://www.righto.com/2016/02/reverse-engineering-arm1-processors.html
15. Deobfuscating a JS downloader
http://www.kahusecurity.com/2016/deobfuscating-a-hideous-looking-js-downloader
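This article was originally published by 360安全播报. If you repost it, please credit the source and this article's address. Article address: http://bobao.360.cn/news/detail/2756.html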