4月10日-每日安全知识热点

http://p0.qhimg.com/t01f7ef32da341925d2.jpg

1、反向工程路由器第一部分:识别硬件DEBUG口,另一篇不错的类似文章http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/

http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/

2、blackhat asia 16 议题:I’m not a human: Breaking the Google reCAPTCHA (破解GOOGLE验证码)

https://www.blackhat.com/docs/asia-16/materials/asia-16-Sivakorn-Im-Not-a-Human-Breaking-the-Google-reCAPTCHA-wp.pdf

3、如果你不能破解加密体系,可以从客户端入口,恢复iMessage明文信息

https://www.bishopfox.com/blog/2016/04/if-you-cant-break-crypto-break-the-client-recovery-of-plaintext-imessage-data/

4、volgactf Five Blocks (Crypto 600) Writeup

http://samvartaka.github.io/cryptanalysis/2016/04/08/volgactf-fiveblocks-writeup

5、Google UI_Redressing bug能够泄露用户的EMAIL地址

http://blog.mazinahmed.net/2016/03/google-ui-redressing-bug-that-discloses-email-addresses.html

6、Infiltrate 2016 会议的议题: All Your Browsers Belong To Us

https://github.com/LifeForm-Labs/all_your_browsers_belong_to_us

7、Linx内核架构

http://www.lancaster.ac.uk/undergrad/stanev/References/Professional%20Linux%20Kernel%20Architecture.pdf

8、ANDORID蓝牙配对认证绕过漏洞分析

https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-android-bluetooth-pairing-bypass-2016-04-08.pdf

9、2016嵌入式LINUX会议所有议题

http://events.linuxfoundation.org/events/embedded-linux-conference/program/slides

10、动态二进制分析

http://triton.quarkslab.com/files/sthack2016-rthomas-jsalwan.pdf

11、为即将披露的BADLOCK漏洞做准备,封锁139/445

http://malwarejake.blogspot.tw/2016/04/getting-ready-for-badlock.html

12、LOCKY,TESLACRYPT以及其他的恶意勒索软件家族开始使用新工具来逃避检测

http://researchcenter.paloaltonetworks.com/2016/04/unit42-ransomware-locky-teslacrypt-other-malware-families-use-new-tool-to-evade-detection/

13、反向工程流行的555d时钟芯片(CMOS版)

http://www.righto.com/2016/04/teardown-of-cmos-555-timer-chip-how.html

14、为什么说BAndroid漏洞是严重的

http://www.few.vu.nl/~vvdveen/bandroid.html

15、APT6中的恶意软件的yara规则

https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt6_malware.yar

16、mumblehard恶意软件将成千的linux服务器变成垃圾邮件的僵尸网络

http://betanews.com/2016/04/09/mumblehard-malware-4000-linux-servers-spam-botnet-eset/

17、数据防泄露保护产品的一些安全问题

https://speakerdeck.com/quine/the-kitchens-finally-burned-down-dlp-security-bakeoff

18、lisa:号称explolit开发的瑞士军刀

https://github.com/ant4g0nist/lisa.py

免责声明:文章内容不代表本站立场,本站不对其内容的真实性、完整性、准确性给予任何担保、暗示和承诺,仅供读者参考,文章版权归原作者所有。如本文内容影响到您的合法权益(内容、图片等),请及时联系本站,我们会及时删除处理。查看原文

为您推荐