1月11日安全热点–Meltdown/Spectre漏洞补丁影响

阅读量    64192 |

分享到: QQ空间 新浪微博 微信 QQ facebook twitter

资讯类

Meltdown & Spectre 漏洞补丁导致Ubuntu 16.04无法启动

https://www.bleepingcomputer.com/news/software/meltdown-and-spectre-patches-causing-boot-issues-for-ubuntu-16-04-computers/

 

macOS又爆出密码漏洞:macOS High Sierra’s App Store系统偏好设置可被任意密码解锁

https://twitter.com/zackwhittaker/status/951143200470728704

https://www.reddit.com/r/netsec/comments/7pi8lk/macos_high_sierras_app_store_system_preferences/

https://www.macrumors.com/2018/01/10/macos-high-sierra-app-store-password-bug/

http://openradar.appspot.com/36350507

 

WhatsApp漏洞可使潜在的攻击者监控加密群聊

http://thehackernews.com/2018/01/whatsapp-encryption-spying.html

 

技术类

CVE-2017-17485  jackson-rce-via-spel PoC

https://github.com/irsl/jackson-rce-via-spel

 

看我如何逆向OBi200 Google Voice Appliance:Part 3

https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-3/

 

一些Wget常用命令

https://n0where.net/howto-wget-command-examples

 

WPA3新特性解释 – 什么是WPA3?

http://rootsaid.com/wpa3-features-explained/

 

SANS Christmas Challenge 2017 Writeup

https://allyourbase.utouch.fr/posts/2018/01/10/sans-christmas-challenge-2017/

 

学习如何用汇编(ARM 32位)编写TCP bind Shell

https://azeria-labs.com/tcp-bind-shell-in-assembly-arm-32-bit/

 

Parity Ethereum Client <= v1.6.10 Dapp浏览器webproxy token reuse同源策略绕过(含PoC)

https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016

 

CVE-2017-4946:VMware Horizon desktop agent 提权漏洞

https://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/

 

WordPress Plugin Events Calendar event_id SQL Injection

https://cxsecurity.com/issue/WLB-2018010099

 

新的移动恶意软件利用分层混淆瞄准俄罗斯银行

http://blog.trendmicro.com/trendlabs-security-intelligence/new-mobile-malware-uses-layered-obfuscation-targets-russian-banks/

 

自动化的网络攻击武器

https://github.com/dendisuhubdy/cyberweapons

 

一些黑客攻击武器的Demo

https://github.com/LockGit/Hacking

 

前渗透信息探测工具集-子域名

https://github.com/coco413/DiscoverSubdomain

 

PhpSploit:后渗透测试框架

https://n0where.net/stealth-post-exploitation-framework-phpsploit

分享到: QQ空间 新浪微博 微信 QQ facebook twitter
|推荐阅读
|发表评论
|评论列表
加载更多