首页 » 漏洞 » 1月21日-每日安全知识热点

1月21日-每日安全知识热点

 

1月21日-每日安全知识热点

2016-01-21 10:08:48 阅读:818次 点赞(0) 收藏

分享到:

1月21日-每日安全知识热点

1.深入分析CVE-2016-0010:微软office rtf 文件处理堆溢出漏洞

http://blog.fortinet.com/post/deep-analysis-of-cve-2016-0010-microsoft-office-rtf-file-handling-heap-overflow-vulnerability

2.linux内核rop第一部分

https://cyseclabs.com/page?n=17012016

3.服务器安全:OSSEC集成slack和pagerduty

https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html

4.对乌克兰的电力行业新的一波攻击

http://www.welivesecurity.com/2016/01/20/new-wave-attacks-ukrainian-power-industry/

5.andorid木马预安装在飞利浦s307固件

http://news.drweb.com/show/?i=9792&lng=en&c=5

6.BSides NYC 2016 安全会议PPT

https://github.com/bsidesnyc/BSidesNYC2016/wiki/Agenda

7.OPENCART LFI缓解绕过

http://www.openwall.com/lists/oss-security/2016/01/19/16

8.Asacub木马:从间谍软件到银行恶意软件

https://securelist.com/?p=73211

9.这些设备尝试安全IOT

http://motherboard.vice.com/read/these-devices-are-trying-to-secure-the-internet-of-hackable-things

10.通过Flooding SIP欺骗VoIP

http://resources.infosecinstitute.com/cheating-voip-security-by-flooding-the-sip/

11.基于DNS的流量攻击

https://nymity.ch/dns-traffic-correlation/

12.明白wmi恶意软件

http://la.trendmicro.com/media/misc/understanding-wmi-malware-research-paper-en.pdf

13.SSH隧道Fun And profit

http://blog.cylance.com/puttering-into-the-future

http://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-autossh/

14.GCC tiny:构建GCC前端的语言

http://thinkingeek.com/gcc-tiny/

15.攻击者寻求破解硬件的终极控制

https://blogs.mcafee.com/mcafee-labs/attackers-seek-to-hack-hardware-for-ultimate-control/

16.音乐样式的广告软件引向Angler

https://blog.malwarebytes.org/fraud-scam/2016/01/tech-support-scammers-lure-users-with-fake-norton-warnings-turn-out-to-be-symantec-reseller/

http://research.zscaler.com/2016/01/music-themed-malvertising-lead-to-angler.html

17.滥用 SQLITE3 分词器绕过php安全限制

http://chichou.0ginr.com/blog/1336/abuse-sqlite3-ext-to-bypass-php-security-restrictions

18.Avast沙盒逃逸

http://code.google.com/p/google-security-research/issues/detail?id=700#c3

本文由 360安全播报 原创发布,如需转载请注明来源及本文地址。
本文地址:http://www.hackdig.com/01/hack-31319.htm

原文链接:1月21日-每日安全知识热点,转载请注明来源!

0