安全资讯

[其它]  年度最佳钓鱼高手 Elon Musk 比特币钓鱼 日获28 BTC

https://nosec.org/home/detail/1939.html

[文档]  卡巴斯基2018年第三季度DDoS攻击报告

https://mp.weixin.qq.com/s/_uI51cd_D2WBe0_0BqPRNA

[其它]  Shellbot僵尸网络：目标物联网设备和Linux服务器

https://nosec.org/home/detail/1937.html

[事件]  美国运通近70万条印度客户明文数据泄露

https://nosec.org/home/detail/1952.html

[其它]  台男子钻银行系统漏洞狂刷6300万新台币 银行被罚

https://nosec.org/home/detail/1947.html

[设备安全]  大疆无人机曝数据泄露漏洞

https://nosec.org/home/detail/1951.html

[漏洞分析]  印象笔记曝出存储XSS漏洞，可导致命令执行和文件读取

https://nosec.org/home/detail/1948.html

安全技术

[Web安全]  挖洞姿势-Jsonp劫持

http://www.fr1sh.com/?post=20

[运维安全]  人生苦短，我用Wazuh

https://mp.weixin.qq.com/s/qTpLjhbl4gpOTncvdMVOHw

[文档]  common-windows-misconfigurations-scheduled-tasks

https://amonsec.net/windows-security/2018/common-windows-misconfigurations-scheduled-tasks

[运维安全]  日志分析

https://github.com/bloodzer0/Enterprise_Security_Build--Open_Source/tree/master/Infrastructure%20Security/Log%20Analysis

[漏洞分析]  最新VirtualBox 0day漏洞公开

https://nosec.org/home/detail/1950.html

[恶意分析]  APT37 移动武器库KevDroid在中国境内攻击行动披露 -- PART 1

https://cert.360.cn/warning/detail?id=164208b67b44a5ffa195d574d9c3a205

[取证分析]  Shodan能力分析（二）

https://mp.weixin.qq.com/s/CVI_FbQ_Yo_FvYm7CuJzOQ

[恶意分析]  勒索软件解密工具大全 

http://www.mottoin.com/tools/96226.html

[漏洞分析]  BFuzz: Chrome 和 Firefox 浏览器的 fuzz 工具

https://github.com/RootUp/BFuzz

[运维安全]  Elk + Osquery + Kolide Fleet = Love中文版

https://github.com/bloodzer0/Enterprise_Security_Build--Open_Source/blob/master/Infrastructure%20Security/IDS%20IPS/Osquery%EF%BC%9AELK%2BOsquery%2BKolide%20Fleet.md

[漏洞分析]  Gogs 远程命令执行漏洞分析

https://www.anquanke.com/post/id/163575

[取证分析]  戏说美国情报江湖（一）

https://mp.weixin.qq.com/s/JA1sXtwuiTv3onzHiKG6dg

[Web安全]  渗透基础—端口转发与代理

https://3gstudent.github.io/%E6%B8%97%E9%80%8F%E5%9F%BA%E7%A1%80-%E7%AB%AF%E5%8F%A3%E8%BD%AC%E5%8F%91%E4%B8%8E%E4%BB%A3%E7%90%86/

[其它]  .hta文件的后渗透利用（绕过PowerShell的限制模式）

https://nosec.org/home/detail/1949.html

[Web安全]  最新微软Edge浏览器RCE 0day即将放出

https://nosec.org/home/detail/1935.html

[Web安全]  宝塔面板6.x版本前台存储xss+后台csrf组合拳getshell

https://nosec.org/home/detail/1946.html

[运维安全]  浅谈大型互联网的企业入侵检测及防护策略

https://mp.weixin.qq.com/s/1Iry620hCkJ8sHA626T3Dg

[比赛]  Google的CTF源码及解答

https://github.com/google/google-ctf/tree/master/2018/finals

[其它]  ELK：安装与基础使用

https://github.com/bloodzer0/Enterprise_Security_Build--Open_Source/blob/master/Infrastructure%20Security/Log%20Analysis/ELK%EF%BC%9A%E5%AE%89%E8%A3%85%E4%B8%8E%E5%9F%BA%E7%A1%80%E4%BD%BF%E7%94%A8.md

[运维安全]  深度解读零信任身份安全专栏

https://www.secrss.com/specials/ed13a8905f42b1d7

[其它]  CTF老赛棍退休简述

https://www.virzz.com/2018/04/20/the_retire_sketch_by_old_ctfer.html

[其它]  ELK：elastalert报警系统

https://github.com/bloodzer0/Enterprise_Security_Build--Open_Source/blob/master/Infrastructure%20Security/Log%20Analysis/ELK%EF%BC%9Aelastalert%E6%8A%A5%E8%AD%A6%E7%B3%BB%E7%BB%9F.md

[Web安全]  Nuxeo RCE漏洞分析

http://www.polaris-lab.com/index.php/archives/613/

[数据挖掘]  如何解决机器学习和安全运营之间的不匹配问题

http://www.4hou.com/technology/14382.html

[Web安全]  PHP伪协议相关

https://zhuanlan.zhihu.com/p/49206578

[杂志]  SecWiki周刊（第244期)

https://www.sec-wiki.com/weekly/244

[其它]  ELK：使用进阶指南

https://github.com/bloodzer0/Enterprise_Security_Build--Open_Source/blob/master/Infrastructure%20Security/Log%20Analysis/ELK%EF%BC%9A%E4%BD%BF%E7%94%A8%E8%BF%9B%E9%98%B6%E6%8C%87%E5%8D%97.md

[设备安全]  固态硬盘被发现硬盘加密绕过漏洞

https://nosec.org/home/detail/1938.html

[恶意分析]  开源Botnet框架Byob分析

https://www.freebuf.com/sectool/187819.html?from=timeline

[其它]  Decrypting Traffic in Wireshark

https://hatsoffsecurity.com/2018/10/30/decrypting-traffic-in-wireshark/

[Web安全]  Security Bugs in Practice: SSRF via Request Splitting 

https://www.rfk.id.au/blog/entry/security-bugs-ssrf-via-request-splitting/

[Web安全]  Cobaltstrike Over External C2 via Dropbox

https://truneski.github.io/blog/2018/11/05/cobaltstrike-over-external-c2-via-dropbox/

[Web安全]  A platform to provide challenge for CTFer

https://github.com/CTFTraining

[恶意分析]  隧道技术之DNS和ICMP与其检测防御

https://www.anquanke.com/post/id/163240

[恶意分析]  Linux下的Rootkit驻留技术分析 

http://blog.topsec.com.cn/ad_lab/linux%e4%b8%8b%e7%9a%84rootkit%e9%a9%bb%e7%95%99%e6%8a%80%e6%9c%af%e5%88%86%e6%9e%90/

[取证分析]  Suricata规则介绍、以及使用suricata-update做规则管理

https://zhuanlan.zhihu.com/p/36340468

[取证分析]  gshark: Scan for sensitive information in Github easily and effectively

https://github.com/neal1991/gshark

[无线安全]  如何通过中间人攻击嗅探SIM卡的流量通信

https://www.freebuf.com/articles/wireless/188383.html

[Web安全]  SQLMap Insert注入踩坑记

https://www.freebuf.com/articles/web/188402.html

[漏洞分析]  从ChimayRed漏洞看不同架构下的栈溢出利用实践

https://mp.weixin.qq.com/s/q1zHgQ864u4t9QlzSIzoZw

[恶意分析]  carbon-black-quarterly-incident-response-threat-report-november-2018

https://www.carbonblack.com/wp-content/uploads/2018/10/carbon-black-quarterly-incident-response-threat-report-november-2018.pdf

[漏洞分析]  一个利用姿势清奇的11882格式溢出文档的分析

https://www.anquanke.com/post/id/163855

[漏洞分析]  Intro to Binary Analysis with Z3 and Angr

https://labs.mwrinfosecurity.com/publications/intro-to-binary-analysis-with-z3-and-angr

[数据挖掘]  50个最佳机器学习公共数据集

https://mp.weixin.qq.com/s/4jhtCUtv_szfMvyDCWKvoQ

[数据挖掘]  用神经推理来帮助命名实体识别

https://mp.weixin.qq.com/s/4qHgIcq9YJTj1iGh7kLB4w

[其它]  Identifying Sites in Encrypted Traffic

https://hatsoffsecurity.com/2018/10/29/id-site-from-ssl/

[数据挖掘]  知识图谱的建模方法及其应用

https://mp.weixin.qq.com/s/u7mvxrvudKmjX4KeGtBiWA

[取证分析]  T级攻击态势下解析DDOS高防IP系统架构

https://www.freebuf.com/articles/network/188199.html

[取证分析]  LogonTracer：可视化事件日志识别被攻击账户

https://www.freebuf.com/sectool/180895.html

[恶意分析]  2018年上半年物联网恶意活动&僵尸网络数据摘要

https://www.freebuf.com/news/188339.html

[会议]  CCS 2018 会议小记 (一)

https://mp.weixin.qq.com/s/FYZSZGGHgNxaWPPGgp9vKA

[取证分析]  Stucco-A Cyber Intelligence Platform

https://stucco.github.io/

[取证分析]  Forensic Analysis Of The μTorrent Peer-to-Peer Client In Windows

https://articles.forensicfocus.com/2018/11/02/forensic-analysis-of-the-%CE%BCtorrent-peer-to-peer-client-in-windows/

[设备安全]  西门子通信协议S7COMM（Part 1）

https://www.freebuf.com/articles/ics-articles/188159.html

[恶意分析]  Triton针对工业系统的形势分析以及检测手段

https://mp.weixin.qq.com/s/Nel6neXIHw5yXOsNzihQLA

[数据挖掘]  闲扯基于图的数据关联分析

https://mp.weixin.qq.com/s/fD95ohJBE_YNcnlZMuXFHA

[漏洞分析]  A new Control Flow Graph based heuristic for Diaphora

http://joxeankoret.com/blog/2018/11/04/new-cfg-based-heuristic-diaphora/

-----微信ID：SecWiki-----
SecWiki，5年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第245期)