【知识】7月19日 - 每日安全知识热点

热点概要：Bitdefender：通过7z PPMD进行远程栈溢出、NorthSec 2017 会议视频、腾讯游戏安全技术竞赛2017Round1、HackerOne漏洞赏金平台经典案例点评及反思、利用USB RUBBER DUCKY（USB 橡皮鸭）在目标机器上启动Empire或Meterpreter会话、ARM Shellcode编写入门教程、在非root的Android手机上安装和使用RouterSploit、黑客利用一个简单技巧在3分钟内窃取了价值700万美元的以太坊

资讯类：

Burp Suite 1.7.24发布，增加保存项目（save project）功能、修复数个bug

http://releases.portswigger.net/2017/07/1724.html 

黑客利用一个简单技巧在3分钟内窃取了价值700万美元的以太坊

http://thehackernews.com/2017/07/ethereum-cryptocurrency-heist.html 

技术类：

Bitdefender：通过7z PPMD进行远程栈溢出

https://landave.io/2017/07/bitdefender-remote-stack-buffer-overflow-via-7z-ppmd/ 

NorthSec 2017 会议视频

https://www.nsec.io/2017/07/northsec-2017-conference-videos/ 

【IoT安全】Devil's Ivy: The Technical Details

http://blog.senr.io/devilsivy.html 

GoodSAM被曝存在CSRF、存储型XSS漏洞

https://blog.jameshemmings.co.uk/2017/07/17/goodsam-csrfxss-chain-full-disclosure/ 

使用Tamarin Prover对WireGuard协议进行验证

https://www.wireguard.com/formal-verification/ 

腾讯游戏安全技术竞赛2017Round1

https://weiyiling.cn/one/qqyouxi_pc_2017_round1 

Implementing Malware Command and Control Using Major CDNs and High-Traffic Domains  

https://www.cyberark.com/threat-research-blog/implementing-malware-command-control-using-major-cdns-high-traffic-domains/ 

HackerOne漏洞赏金平台经典案例点评及反思

https://flexport.engineering/six-vulnerabilities-from-a-year-of-hackerone-808d8bfa0014 

Firefox帐户的安全审计

https://blog.mozilla.org/security/2017/07/18/web-service-audits-firefox-accounts/ 

在非root的Android手机上安装和使用RouterSploit

https://null-byte.wonderhowto.com/how-to/exploit-routers-unrooted-android-phone-0178066/ 

【社会工程学】利用USB RUBBER DUCKY（USB 橡皮鸭）在目标机器上启动Empire或Meterpreter会话

https://www.sc0tfree.com/sc0tfree-blog/optimizing-rubber-ducky-attacks-with-empire-stagers 

Huawei/MediaTek Android驱动多个漏洞

https://labs.mwrinfosecurity.com/advisories/huawei-frame-buffer-driver-arbitrary-memory-write/ 

https://labs.mwrinfosecurity.com/advisories/huawei-frame-buffer-driver-arbitrary-memory-write-2/ 

https://labs.mwrinfosecurity.com/advisories/huawei-frame-buffer-driver-information-leak/ 

十种进程注入技术

https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process 

CVE-2017-8543 Windows Search漏洞分析及POC关键部分 

http://mp.weixin.qq.com/s/X2JcKCpCH4exDoxMK5oN5Q 

ARM exploitation for IoT – Episode 1

https://quequero.org/2017/07/arm-exploitation-iot-episode-1/ 

ARM Shellcode编写入门教程

https://azeria-labs.com/writing-arm-shellcode/ 

CVE-2017-5400：ASM.JS JIT-Spray in Firefox

https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ 

https://rh0dev.github.io/blog/2017/the-return-of-the-jit-part-2/