12月16日-每日安全知识热点

1、Grub2 认证绕过0DAY

http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

2、fireye远程利用分析

http://googleprojectzero.blogspot.tw/2015/12/fireeye-exploitation-project-zeros.html

3、DeepSec 2015安全会议PPT

https://deepsec.net/docs/Slides/2015/

4、Linux逃逸新技术

https://www.sentinelone.com/blog/breaking-and-evading/

5、CVE-2015-8000:bind严重远程漏洞

https://kb.isc.org/article/AA-01317/

6、Android.ZBot银行木马使用“web注入“技术偷敏感数据

http://news.drweb.com/show/?i=9754&lng=en&c=5

7、揭秘利用PowerShell的数据窃取活动

http://www.fireeye.com/blog/threat-research/2015/12/uncovering_activepower.html

8、fileless攻击日趋复杂,检测技术面临挑战

https://blogs.mcafee.com/mcafee-labs/detecting-undetectable-growing-sophistication-fileless-attacks/

9、#BadWinmail: outlook企业杀手攻击,演示视频在https://www.youtube.com/watch?v=ngWVbcLDPm8&feature=youtu.be

https://sites.google.com/site/zerodayresearch/BadWinmail.pdf?attredirects=0

10、libreOffice多个远程代码执行漏洞

http://www.securityfocus.com/bid/77486

11、一些蜜罐系统收集

http://www.kitploit.com/2015/12/collection-of-awesome-honeypots.html?

12、分析ps4安全和破解进度

https://cturt.github.io/ps4.html

13、IDAPython入门辅导

https://leanpub.com/IDAPython-Book

14、Joomla 1.5 – 3.4.5对象注入RCE

https://www.exploit-db.com/exploits/38977/

15、Loki:简单的IOC和事件响应扫描器

https://github.com/Neo23x0/Loki

16、TCP注入攻击检测技术

https://lists.torproject.org/pipermail/tor-relays/2015-December/008307.html

17、odt2txt:转换openDocument文本到plaintext,便于做diff的工具

https://github.com/dstosberg/odt2txt/

18、ZDI-15-639:execl远程代码执行0day

http://sourceincite.com/2015/12/15/microsoft-office-excel-users-vulnerable-to-zdi-15-639-a-remote-code-execution-zeroday/