12月14日-每日安全知识热点

1、背刺(BackStab):来自恶意软件的针对移动备份数据的攻击

http://researchcenter.paloaltonetworks.com/2015/12/backstab-mobile-backup-data-under-attack-from-malware/

2、攻击酒店WIFI网络

http://resources.infosecinstitute.com/attacks-on-hotel-wi-fi-networks/

3、保护windows网络:kerberos攻击

http://dfir-blog.com/2015/12/13/protecting-windows-networks-kerberos-attacks/

4、超距生物识别技术的展望[PDF]

https://calhoun.nps.edu/handle/10945/47327

5、ossec远程协议使用弱加密

https://github.com/ossec/ossec-hids/issues/714

6、node-routerpwn:利用路由器的EXPLOIT编写的一个库

https://github.com/jannickfahlbusch/node-routerpwn?platform=hootsuite

7、exserial:java反序列化利用工具

https://github.com/RickGray/exserial

8、Meterpreter的Python扩展支持

https://github.com/rapid7/metasploit-framework/wiki/Python-Extension

9、windows备份权限:cmd.exe

http://blog.didierstevens.com/2015/12/13/windows-backup-privilege-cmd-exe/

10、针对一款停车app的安全分析

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/december/car-parking-apps-vulnerable-to-hacks/

11、cacti 0.8.8.f 注入漏洞

http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt