December 17 - Daily Security Knowledge Highlights


1. Windows access tokens and alternate credentials

http://blog.cobaltstrike.com/2015/12/16/windows-access-tokens-and-alternate-credentials/

2. ELF Parser: quickly assess ELF binaries through static analysis

http://www.elfparser.com/download.html


3. An introduction to DNS hijacking techniques on home routers

https://blog.malwarebytes.org/online-security/2015/12/dns-hijacks-routers/

4. Using YARA to identify malware

https://blog.malwarebytes.org/intelligence/2013/10/using-yara-to-attribute-malware/


5. Unplugging an IoT device from the cloud

https://blog.korelogic.com/blog/2015/12/11/unplugging_iot_from_the_cloud

6. Analyzing and detecting malicious RTF files

http://traceevidence.blogspot.in/2014/03/analyzing-and-detecting-weaponized-rtf.html


7. USB device research, parts 1-6

http://nicoleibrahim.com/part-3-usb-device-research-windows-registry-enumerations/

http://nicoleibrahim.com/part-2-usb-device-research-msc-vs-ptp-vs-mtp/

http://nicoleibrahim.com/part-5-usb-device-research-directory-traversal-artifacts-shell-bagmru-entries/

http://nicoleibrahim.com/part-4-usb-device-research-usb-first-insert-results/

http://nicoleibrahim.com/part-6-usb-device-research-open-file-artifacts-lnk-files/

8. Detecting APT malware by correlating internal and external network traffic

http://eprints.eemcs.utwente.nl/25925/01/Master_Thesis_Terence.pdf


9. Automated forensic analysis of obfuscated malicious files

http://rfarley3.github.io/2015-GMUPhD-farleyryanj.pdf

10. Smart TV security analysis

https://hal.archives-ouvertes.fr/hal-01178553/document


11. iOS trojan "Tinyv" attacks jailbroken devices

http://researchcenter.paloaltonetworks.com/2015/12/ios-trojan-tinyv-attacks-jailbroken-devices/

12. Detecting kernel rootkits on Android devices via the JTAG interface

http://arxiv.org/ftp/arxiv/papers/1512/1512.04116.pdf


13. A decision-maker's guide to buying security appliances and gateways

http://addxorrol.blogspot.com.uy/2015/12/a-decisionmakers-guide-to-buying.html

14. CVE-2015-6620 PoC

https://github.com/flankerhqd/CVE-2015-6620-POC


15. CVE-2014-0282 exploitation analysis

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/december/exploiting-cve-2014-0282/
