2月18日-每日安全知识热点

1.Avast的虚拟化驱动内核分页池缓冲区溢出漏洞分析

https://www.nettitude.co.uk/exploiting-a-kernel-paged-pool-buffer-overflow-in-avast-virtualization-driver/

2.海莲花osx:应用程序绑定一个伪造的Flash更新

https://www.alienvault.com/open-threat-exchange/blog/oceanlotus-for-os-x-an-application-bundle-pretending-to-be-an-adobe-flash-update

3.海莲花osx木马逃避杀毒软件检测

http://www.securityweek.com/oceanlotus-trojan-os-x-evades-antiviruses

4.近距离看LOcky恶意欺诈软件

http://blog.fortinet.com/post/a-closer-look-at-locky-ransomware-2

5.机器学习算法cheatsheet

http://www.lauradhamilton.com/machine-learning-algorithm-cheat-sheet

6.apple ios安全辅导

http://daringfireball.net/linked/2016/02/17/ios-security-guide

7.VulnHub Pipe Walkthrough

http://frequentlyinaccurate.net/2016/02/vulnhub-pipe-walkthrough/

8.使用sysmon wef 和elasticsearch检测高级威胁

http://joshuadlewis.blogspot.de/2014/10/advanced-threat-detection-with-sysmon_74.html

9.构建一个WiMAP(针对无线基础设施进行安全评估)无人机

https://www.nccgroup.trust/uk/our-research/building-wimap-the-wi-fi-mapping-drone/

10.识别网络攻击策略

http://www.krishisanskriti.org/vol_image/04Jul201512074063%20%20%20%20%20%20Arushi%20Jain%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20564-568.pdf

11.针对google,yahoo dhl的钓鱼攻击

https://blogs.mcafee.com/mcafee-labs/clever-phishing-attacks-target-google-yahoo-dhl-customers/

12.远程禁用无线防盗报警器

http://blog.ioactive.com/2016/02/remotely-disabling-wireless-burglar.html

13.使用css(CSS Cross Origin )偷取隐私

http://blog.k3170makan.com/2016/02/stealing-secrets-with-css-cross-origin.html