1月14日-每日安全知识热点

1.CVE-2016-0034的神秘案例:捕捉一个微软的Silverlight 0day

https://securelist.com/blog/research/73255/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/

2.在你生活的地方检测并断开无线网络摄像机

https://julianoliver.com/output/log_2015-12-18_14-39

3.cve-search:导入cve和cpe进MongoDB,进行搜索的工具

https://github.com/pidgeyl/cve-search

4.归类(triaging)IE/EDGE崩溃的利用

http://blogs.technet.com/b/srd/archive/2016/01/12/triaging-the-exploitability-of-ie-edge-crashes.aspx

5.使用DNSSEC安全SSH

https://blog.cloudflare.com/flexible-secure-ssh-with-dnssec/

6.FFmpeg漏洞利用: 使用HLS+concat偷取本地文件

http://permalink.gmane.org/gmane.comp.security.oss.general/18567?utm_source=twitterfeed&utm_medium=twitter

7.评测windows下包捕捉方法

http://blog.nektra.com/main/2016/01/12/benchmarking-windows-packet-capture-methods/

8.Android Bankosy恶意软件窃取银行OTP

http://securityaffairs.co/wordpress/43564/malware/android-bankosy-steals-otps.html

9.MS16-007 CVE-2016-0019 Windows RDP 安全绕过

http://eromang.zataz.com/2016/01/13/ms16-007-cve-2016-0019-windows-rdp-security-bypass/