8月12日-每日安全知识热点

http://p8.qhimg.com/t0105eadd526b531a1d.png


国内热词

法庭裁决Twitter对ISIS的崛起不具有法律责任
卡巴斯基(PDF)和赛门铁克研究人员发现新的国家级先进恶意程序

Tor 社会契约:Tor匿名网络项目学习 Debian 的做法公布了 Tor 社会契约——解释他们是一群什么样的人,以及为什么要开发Tor


资讯类:

用于攻击越南航空的恶意软件正在潜伏攻击其他的越南机构
http://www.scmagazine.com/report-spyware-used-to-dox-vietnam-airlines-is-lurking-in-other-vietnamese-institutions/article/515310/

后门密钥允许攻击者绕过UEFI安全启动
http://securityaffairs.co/wordpress/50182/hacking/backdoor-keys-uefi-secure-boot.html

技术类:

ARMageddon: 针对ARM设备的缓存攻击
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_lipp.pdf

滥用kerberos到NTLM回退击败BitLocker的FDE
https://blog.ahmednabeel.com/abusing-kerberos-to-ntlm-fallback-to-defeat-windows-authentication/

DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work
https://www.usenix.org/conference/woot16/workshop-program/presentation/wustrow

从一个黑客的观点来评论各家的bug奖励计划
http://www.skeletonscribe.net/2016/08/reviewing-bug-bounties-hackers.html

needle:IOS安全测试框架
https://github.com/mwrlabs/needle

Breaking https' AES-GCM
https://www.cryptologie.net/article/361/nonce-disrespecting-adversaries-practical-forgery-attacks-on-gcm-in-tls/

通过rundll32来运行powershell
https://github.com/p3nt4/PowerShdll

EFF安全消息评分系统预览
https://www.elttam.com.au/blog/a-review-of-the-eff-secure-messaging-scorecard-pt2/

实现一个debugger:基础
http://backtrace.io/blog/blog/2016/08/11/debugger-internals/

R980恶意欺诈软件被发现滥用一次性邮箱地址服务
http://blog.trendmicro.com/trendlabs-security-intelligence/r980-ransomware-disposable-email-service/

DEFCON24徽章挑战
http://co9.io/post/148716614744/defcon-24-badge-challenge

解密 #Chimera 恶意欺诈软件
https://blog.malwarebytes.com/cybercrime/2016/08/decrypting-chimera-ransomware/

Microsoft Internet Explorer: Read AV in MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal 
https://bugs.chromium.org/p/project-zero/issues/detail?id=827&redir=1

Amazon S3现在开始支持IPv6
https://aws.amazon.com/de/blogs/aws/now-available-ipv6-support-for-amazon-s3/

通过逆向工程解锁密钥开启汽车
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_garcia.pdf

针对‘Video Jacking’攻击的介绍
http://krebsonsecurity.com/2016/08/road-warriors-beware-of-video-jacking/

使用radare2静态分析RAT的配置
http://radare.today/posts/malware-static-analysis/

CVE-2016-3842 细节:Qualcomm MSM GPU驱动中的UAF漏洞
http://retme.net/index.php/2016/08/11/cve-2016-3842.html

如何绕过手机端杀软的license系统
https://medium.com/@entdark_/defeating-mobile-av-licensing-e627e7e94f50#.f657bpu4k