作者: | 来源:互联网 | 2023-09-07 10:38
资讯类新的挖矿恶意软件出现:Digiminehttp://www.eweek.com/security/digimine-malware-steals-your-computer-power-to-
资讯类
新的挖矿恶意软件出现:Digimine
http://www.eweek.com/security/digimine-malware-steals-your-computer-power-to-mine-crypto-currency
Sonos与Bose的安全漏洞可以让黑客做些有意思的事情
https://www.bleepingcomputer.com/news/security/flaws-in-sonos-and-bose-smart-speakers-let-hackers-play-pranks-on-users/
PS4固件内核漏洞利用已放出
https://thehackernews.com/2017/12/ps4-jailbreak-kernel-exploit.html
浏览器登录管理器中的Web追踪器安全漏洞可能导致用户名泄露
https://www.bleepingcomputer.com/news/security/web-trackers-exploit-flaw-in-browser-login-managers-to-steal-usernames/
声波攻击或导致硬盘数据损坏,可能多种设备都需警惕
https://www.bleepingcomputer.com/news/security/acoustic-attacks-on-hdds-can-sabotage-pcs-cctv-systems-atms-more/
EtherDelta遭遇DNS攻击
http://securityaffairs.co/wordpress/67146/cyber-crime/exchange-etherdelta-dns-attack.html
Ancestry表示Rootsweb泄露出30万密码
https://threatpost.com/leaky-rootsweb-server-exposes-some-ancestry-com-user-data/129248/
技术类
新手向的模糊测试教程 Part 1 2 3
https://fuzzing-project.org/tutorial1.html
PS4固件内核漏洞利用
https://fail0verflow.com/blog/2017/ps4-crashdump-dump/
https://github.com/Cryptogenic/PS4-4.05-Kernel-Exploit
Firebird,Mysql,PostgreSql代码质量比较
https://dzone.com/articles/code-quality-comparison-of-firebird-mysql-and-post-1
趋势科技关于Janus漏洞最新利用的分析
http://blog.trendmicro.com/trendlabs-security-intelligence/janus-android-app-signature-bypass-allows-attackers-modify-legitimate-apps/
Professional Service Script新版多个漏洞分析
https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md
34c3 steaming
http://streaming.media.ccc.de/34c3/hallc
通往地狱之路:十次绕过恶魔WAF的尝试
https://medium.com/@know.0nix/jumping-to-the-hell-with-10-attempts-to-bypass-devils-waf-4275bfe679dd
Web安全策略——新的security.txt
https://tools.ietf.org/html/draft-foudil-securitytxt-02
HTTP/2客户端的被动指纹识别
https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf