2月26日-每日安全知识热点

1.如何新建一个自动运行的usb,能够适用任何的windows平台

http://www.visualdesigning.com/articles/how-to-create-autorun-usb-drive/

2.序列化(serialization)必须死：Act 2: Xtream(Jenkins CVE-2016-0792)分析 

https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream

3.Mandiant发布2016移动安全趋势报告 

https://www2.fireeye.com/rs/848-DID-242/images/Mtrends2016.pdf

4.IKE/IKEv2: ripe for DDoS abuse 

https://community.akamai.com/docs/DOC-5289

5.解密一个流行4G调制解调器的更新固件 

http://blog.ptsecurity.com/2016/02/decipher-updates-of-popular-4g-modem.html

6.linux 内核 keyriging 权限提升漏洞 

https://bto.bluecoat.com/security-advisory/sa112

7.FighterPOS获取蠕虫程序 

http://blog.trendmicro.com/trendlabs-security-intelligence/fighterpos-gets-worm-routine/

8.CVE-2015-8277分析 

https://www.securifera.com/advisories/cve-2015-8277/

9.TLV流量混淆 

http://buffered.io/posts/tlv-traffic-obfuscation/

10.使用minifier bug给javascript加个后门 

https://zyan.scripts.mit.edu/blog/backdooring-js