1.未经测试过的cve-2015-1805 poc
https://github.com/idl3r/testcode/blob/master/test2.c
2.在Metasploitable 2上测试几种后门的使用
https://www.rawhex.com/2016/03/a-guide-to-recognising-backdoors-using-metasploitable-2/
3.Libmcrypt:GOST cipher不正确的S-Boxes (2008,未修复)
https://sourceforge.net/p/mcrypt/bugs/35/
4.yescrypt 哈西加密
http://thread.gmane.org/gmane.comp.security.phc/3617
5.对印度军事人员有针对性的信息窃取活动
6.SAMSAM欺诈勒索软件(使用RSA-2048位加密)分析
http://blog.talosintel.com/2016/03/samsam-ransomware.html#more
7.AWS中的网络隔离模型与环境
http://charity.wtf/2016/03/23/aws-networking-environments-and-you/
8.静态javascript安全分析工具
https://github.com/dpnishant/jsprime/
9.Foxit Reader FlateDecode UAF远程代码执行漏洞
http://www.zerodayinitiative.com/advisories/ZDI-16-221/
10.Foxit Reader Fields Format Action UAF远程代码执行漏洞
http://www.zerodayinitiative.com/advisories/ZDI-16-222/
11.Zyxel MAX3XX 系列 Wimax CPEs的硬编码密码
http://www.securityfocus.com/archive/1/537866
12.双因子认证的安全问题
https://www.fireeye.com/blog/threat-research/2016/03/99_problems_but_two-.html
13.新的自保护usb密码能够避免检测
http://www.welivesecurity.com/2016/03/23/new-self-protecting-usb-trojan-able-to-avoid-detection/
14.以色列公司Cellebrite可帮助FBI解锁iPhone
15.Unboxing the White-Box : 实践攻击混淆的ciphers
16.cansecwest2016会议议题:Pwn a Nexus device with a single vulnerability.pdf
17.无文件恶意软件的行为分析
18.OS X / iOS Suid 二进制逻辑错误内核代码执行poc
https://www.exploit-db.com/exploits/39595/
19.ESET发现新的基于USB的窃取数据的恶意软件
http://www.welivesecurity.com/2016/03/23/eset-discovers-new-usb-based-data-stealing-malware
发表评论
您还未登录,请先登录。
登录