8月23日-每日安全知识热点

热点概要：微信惊现任意代码执行漏洞 360手机卫士提供自检方案、通过边信道攻击浏览器的存储配额、火狐本地文件列举、嵌入式硬件HACKING 101、word宏通过VB代码使用本地API调用执行shellcode

国内热词：

微信惊现任意代码执行漏洞 360手机卫士提供自检方案

从泄漏代码看NSA如何监听加密流量

天融信修复NSA黑客披露的防火墙漏洞

甲骨文资助了反Google组织

资讯类：

Guccifer2.0持续性泄露民主党的资料

https://guccifer2.wordpress.com/2016/08/21/dccc-pa/

NSA如何被黑

http://theweek.com/articles/643734/how-nsa-got-hacked

为什么政府容易受到黑客攻击

https://www.weforum.org/agenda/2016/08/why-governments-and-all-of-us-need-to-do-more-to-prevent-cyber-threats/

技术类：

Pwntools v3.0 发行

http://pwntools.com/

通过边信道攻击浏览器的存储配额

https://tom.vg/2016/08/request-and-conquer/

Fun with Frida

https://www.securusglobal.com/community/2016/08/22/fun-with-frida/

angr.io FOSS框架静态/动态分析二进制

http://angr.io/

PowerShell PSRemoting pwnage

https://pentestn00b.wordpress.com/2016/08/22/powershell-psremoting-pwnage/

Shellphish发布的“ Mechanical Phish”

https://github.com/mechaphish/mecha-docs

红队常用的2个工具更新，分别是Hashcat v3.10和SpiderFoot 2.7.0

https://isc.sans.edu/diary/21393

火狐本地文件列举

http://strukt93.blogspot.my/2016/08/firefox-local-filename-enumeration-sec.html

wikileak公布的克林顿邮件搜索引擎，包括已经删除的 14,900封邮件

https://wikileaks.org/clinton-emails/

利用pam_exec模块根据IP限制用户登录的bash脚本

https://github.com/ckozler/pam_ssh_limit_ip

来自troopers会议的ppt:Netscreen of the Dead 

https://www.troopers.de/media/filer_public/0e/23/0e2397d2-6cea-4e57-a233-d6a09f788c2c/troopers10_netscreen_of_the_dead_graeme_neilson.pdf

联想内核驱动发现多个漏洞

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/august/multiple-vulnerabilities-in-lenovo-kernel-driver/

芝麻开门：RFID，门控和一些电子产品

http://www.itgovernance.co.uk/blog/open-sesame-rfid-door-controllers-and-some-electronics/

嵌入式硬件HACKING 101 – 贝尔金产品

https://www.fireeye.com/blog/threat-research/2016/08/embedded_hardwareha.html

4-5台的DNSSEC服务器已经被劫持或被黑

http://news.softpedia.com/news/around-four-in-five-dnssec-servers-can-be-used-in-ddos-attacks-507503.shtml

docker的CIS安全标准

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/august/the-cis-security-standard-for-docker-available-now/

word宏通过VB代码使用本地API调用执行shellcode

http://researchcenter.paloaltonetworks.com/2016/08/unit42-vb-dropper-and-shellcode-for-hancitor-reveal-new-techniques-behind-uptick/

如何检测黑客的端口扫描行为

https://medium.com/@almog009/how-to-detect-hackers-port-scanning-in-less-than-50-bucks-40ff71a86aea#.jyv7d8oax

火眼报告：Redline - 中国的网络间谍策略观察报告

https://www.fireeye.com/blog/executive-perspective/2016/08/tracing_the_red_line.html

Phoenix Exploit Kit的Web 管理界面RCE漏洞的metasploit利用模块

https://packetstormsecurity.com/files/138469/phoenix_exec.rb.txt