ESET发布新的TeslaCrypt恶意勒索软件解密工具
http://www.welivesecurity.com/2016/05/18/eset-releases-decryptor-recent-variants-teslacrypt-ransomware/
CVE-2016-1886漏洞分析: SETFKEY FreeBSD kernel vulnerability
http://cturt.github.io/SETFKEY.html
修复marked包中的XSS漏洞
https://snyk.io/blog/marked-xss-vulnerability/
渗透整个Julia集群
https://blog.cylance.com/compromising-an-entire-julia-cluster
Falco介绍:开源,基于sysdig行为安全的
http://www.sysdig.org/falco/
TeslaCrypt关闭并发行解密私钥
http://www.bleepingcomputer.com/news/security/teslacrypt-shuts-down-and-releases-master-decryption-key/
恶意软件隐藏宏的新招数
https://blogs.technet.microsoft.com/mmpc/2016/05/17/malicious-macro-using-a-sneaky-new-trick/
EhTrace:跟踪windows二进制执行的工具
https://github.com/K2/EhTrace/
Checkpoint 访问 Nuclear僵尸网络源码,了解其架构
http://blog.checkpoint.com/2016/05/17/inside-nuclears-core-unraveling-a-ransomware-as-a-service-infrastructure/
在Nano服务器上运行Python & Django
https://blogs.technet.microsoft.com/nanoserver/2016/05/17/python-django-on-nano-server/
Cobalt Strike 3.3发行
http://blog.cobaltstrike.com/2016/05/18/cobalt-strike-3-3-now-with-less-powershell-exe/
ProtoFuzz: A Protobuf Fuzzer
http://blog.trailofbits.com/2016/05/18/protofuzz-a-protobuf-fuzzer/
使用flash和base tag绕过xss审计
http://mksben.l0.cm/2016/05/xssauditor-bypass-flash-basetag.html
分析Juniper DUal EC后门事件
https://eprint.iacr.org/2016/376.pdf
发表评论
您还未登录,请先登录。
登录