1、Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution
http://blog.talosintelligence.com/2018/03/gozi-isfb-remains-active-in-2018.html

2、Threat Brief: What’s Driving the Shift to Cryptocurrency Mining Malware?
https://researchcenter.paloaltonetworks.com/2018/03/threat-brief-whats-driving-shift-cryptocurrency-mining-malware/

3、OSX/Coldroot and the RAT Invasion
https://www.intego.com/mac-security-blog/osxcoldroot-and-the-rat-invasion/

4、Ransomware "Mask" Series: Free-Data-Traffic Software
http://blogs.360.cn/360mobile/2018/03/07/analysis_of_mobile_free_flow/

5、Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing
https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/

Tool#Suricata rules of CVE-2018-6789
https://github.com/ptresearch/AttackDetection/blob/master/CVE-2018-6789/cve-2018-6789.rules

7、poc of CVE-2017-13259 for Bluetooth remote heap
https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/commit/7c164cca56aae19edd417f597f92423965415f50

8、fineract v1.1.0: Three CVEs in a Row
https://mp.weixin.qq.com/s?__biz=MzI2NjUwNjU4OA==&mid=2247483885&idx=1&sn=e7453d20e39b403babb02e5842dc9d37&chksm=ea8c59deddfbd0c8caf68d2bfe01a81d732dfa3a58b4a532c4aba299c612f1555473e3e5b04f&mpshare=1&scene=1&srcid=0306yb5MLqmCoirY91hsB2RT

9、Clang Control Flow Integrity (CFI) Bypass Techniques
https://github.com/0xcl/clang-cfi-bypass-techniques

10、VSCODE EXTENSION Phishing
https://paper.seebug.org/539/

11、From SQL Injection to Getshell: A Penetration Test of a ZenTao System
https://zhuanlan.zhihu.com/p/34275981

12、Encryption 101: How to break encryption
https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/

13、On the Security Issues of Selenium Server (Unfinished)
http://www.coffeehb.cn/?id=92

14、Using Password Filter DLL in Penetration Testing
https://3gstudent.github.io/3gstudent.github.io/Password-Filter-DLL%E5%9C%A8%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8/

15、Automating malware tracing with Pin and Cuckoo
http://blog.fernandodominguez.me/automating-malware-tracing-with-pin-and-cuckoo/

16、Payload Generation using SharpShooter
https://www.mdsec.co.uk/2018/03/payload-generation-using-sharpshooter/

17、Using Z3 with IDA to simplify arithmetic operations in functions
http://0xeb.net/2018/03/using-z3-with-ida-to-simplify-arithmetic-operations-in-functions/

18、Emulating Exynos 4210 BootROM in QEMU
https://www.fredericb.info/2018/03/emulating-exynos-4210-bootrom-in-qemu.html

19、Reconstructing C++ classes in the iOS kernelcache using IDA Pro
https://bazad.github.io/2018/03/ida-kernelcache-class-reconstruction/

20、How I could book cab using your wallet money in India’s largest auto transportation company!
https://medium.com/@logicbomb_1/bugbounty-how-i-could-book-cab-using-your-wallet-money-in-indias-largest-auto-transportation-e0c4252ca1a3
