1、OlympicDestroyer is here to trick the industry
https://securelist.com/olympicdestroyer-is-here-to-trick-the-industry/84295/

2、rTorrent Vulnerability Leveraged in Campaign Spoofing RIAA and NYU User-Agents?
https://f5.com/labs/articles/threat-intelligence/cyber-security/rtorrent-vulnerability-leveraged-in-campaign-spoofing-riaa-and-nyu-user-agents

3、Apache SOLR: the new target for cryptominers
https://isc.sans.edu/forums/diary/Apache+SOLR+the+new+target+for+cryptominers/23425/

4、Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?
https://citizenlab.ca/2018/03/bad-traffic-sandvines-packetlogic-devices-deploy-government-spyware-turkey-syria/

5、Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant
https://securingtomorrow.mcafee.com/mcafee-labs/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant/

6、Who Is Quietly Stealing My Power (IV): A Case Study of How One Big Domestic Player Affects Coinhive
https://blog.netlab.360.com/who-is-stealing-my-power-iv-a-case-study-how-one-big-player-could-impact-the-cohive-business-in-china/

7、Well-Known Software ADSafe Hides Malicious Code and Hijacks Traffic from Numerous Websites
https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247484771&idx=1&sn=c87ab91888917d70bfd910603ce13951&chksm=eb73db5cdc04524a12304fc0c8dbc247c03f527158e60ef8f93a97df837ea23b76caafa7ba1f&mpshare=1&scene=1&srcid=0309mdfY4V48Tn8u2Ud1zGBy

8、Looking back at a Windows Kernel info leak bug involving improper checks from Pwn2Own 2016.
https://www.zerodayinitiative.com/blog/2018/3/9/testing-for-truthiness-exploiting-improper-checks

9、Introducing scrcpy - an application to display and control Android devices connected on USB without root access
https://blog.rom1v.com/2018/03/introducing-scrcpy/

10、Cryptocurrency Mining Malware Landscape
https://www.secureworks.com/research/cryptocurrency-mining-malware-landscape

11、Territorial Dispute – NSA’s perspective on APT landscape
https://blog.crysys.hu/2018/03/territorial-dispute-nsas-perspective-on-apt-landscape/

12、Bypass non-executable stack on modern linux
https://teamultimate.in/return-to-libc/

13、A first look at browser-based cryptojacking
https://arxiv.org/pdf/1803.02887.pdf

Tool#PESecurity: PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
https://github.com/NetSPI/PESecurity

Tool#password_pwncheck: Kerberos / Windows AD / Linux PAM password change check against breached lists (HIBP), and other rules
https://github.com/CboeSecurity/password_pwncheck

Tool#JPT - A quick & dirty GPT Partition Editor
http://newandroidbook.com/tools/jpt.html

Tool#DCSYNCMonitor: Monitors for DCSYNC and DCSHADOW attacks and creates custom Windows Events for these events.
https://github.com/shellster/DCSYNCMonitor

Tool#DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
https://github.com/nccgroup/DriverBuddy

Tool#Meltdown & Spectre PoC for OpenBSD
https://github.com/genua/meltdown

Tool#VirtualXposed is a simple app for using Xposed Modules without needing to root, unlock the bootloader, or flash the system image
https://github.com/android-hacker/VirtualXposed

Tool#Memfixed-Mitigation-Tool: DDoS mitigation tool for sending flush or shutdown commands to vulnerable Memcached servers obtained using Shodan API
https://github.com/649/Memfixed-Mitigation-Tool
