2月23日-每日安全知识热点

1.像连线杂志报道的那样，黑掉电厂并不容易

https://blindseeker.com/blahg/?p=774

2.基于websocket的egress buster(就是尝试1-65535查看能出网的端口的技术) 

http://www.shellntel.com/blog/2016/2/19/websocket-based-egress-buster

3.CVE-2016-2384：usb-midi linux内核驱动的double-free导致任意代码执行分析 

https://xairy.github.io/blog/2016/cve-2016-2384

 

4.cve-2016-0034已被用于exploitpack 

http://malware.dontneedcoffee.com/2016/02/cve-2016-0034.html

5.使用开放数据源降低误报 

https://isc.sans.edu/diary/Reducing+False+Positives+with+Open+Data+Sources/20755

6.volatilityBot:恶意代码解压提取 

https://www.virusbulletin.com/blog/2016/02/vb2015-paper-volatilitybot-malicious-code-extraction-made-and-security-researchers/

7.针对数据保护API（DPAPI）的预览 

http://blog.digital-forensics.it/2015/01/happy-dpapi.html

8.使用docker容器进行事件处理 

https://blog.rootshell.be/2016/02/22/incident-handling-docker-to-the-rescue/

9.免费的在线工具调查寻找潜在的恶意站点 

https://zeltser.com/lookup-malicious-websites/

10.私有的IOS STORE客户端成功逃避APPLE IOS代码审计 

http://researchcenter.paloaltonetworks.com/2016/02/pirated-ios-app-stores-client-successfully-evaded-apple-ios-code-review/

11.中国IOS开发者滥用apple app测试证书安装私有app 

http://www.csoonline.com/article/3036299/security/chinese-devs-abuse-free-apple-app-testing-certs-to-install-pirated-apps.html#tk.rss_all

12.Bro插件用来检测和解密XOR加密的EXE文件 

https://github.com/broala/bro-xor-exe-plugin

13.开放图书馆：免费的安全书籍下载 

https://openlibra.com/en/collection/search/category/security_books

14.反向工程arm1处理器微架构 

http://www.righto.com/2016/02/reverse-engineering-arm1-processors.html

15.反混淆一个js下载者 

http://www.kahusecurity.com/2016/deobfuscating-a-hideous-looking-js-downloader