4月29日-每日安全知识热点

1、Slack bot token泄露曝光商业敏感信息

https://labs.detectify.com/2016/04/28/slack-bot-token-leakage-exposing-business-critical-information/

2、hacking Slack账号,通过简单的github搜索就可以获取

http://arstechnica.com/security/2016/04/hacking-slack-accounts-as-easy-as-searching-github/

3、明白 EdgeHTML’s的攻击面和利用缓解

https://securityintelligence.com/understanding-edgehtmls-attack-surface-and-exploit-mitigations/#

4、通过bitshfting(位翻转)进行盲注的POC工具

https://github.com/libeclipse/blind-sql-bitshifting

5、Windows Kernel win32k.sys TTF processing: pool corruption with malformed EBLC / EBSC tables

https://bugs.chromium.org/p/project-zero/issues/detail?id=684

6、linux汇编指南

http://docs.cs.up.ac.za/programming/asm/derick_tut/

7、隐藏在图片文件中的恶意软件是如何工作的

https://www.virusbulletin.com/blog/2016/04/paper-how-it-works-steganography-hides-malware-image-files/

8、PHP 7.x 堆溢出漏洞

https://packetstormsecurity.com/files/136843/php7-overflow.txt

9、windwos驱动开发历险第一部分

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/april/adventures-in-windows-driver-development-part-1/

10、User Exploitation at Scale [介绍如何在Cobalt Strike里通过一个操作对多个Beacons部署截屏工具和键盘记录工具]

http://blog.cobaltstrike.com/2016/04/28/user-exploitation-at-scale/

11、AMD内存加密

http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

12、verizon发布2016年数据泄露报告

http://www.verizonenterprise.com/resources/reports/rp_DBIR_2016_Report_en_xg.pdf

13、CVE-2016-1757:Mach Race OS X 本地提权POC

https://packetstormsecurity.com/files/136833/mach_race-master.zip

14、使用EMET的ASR防护AppLocker绕过技术

https://github.com/iadgov/Secure-Host-Baseline/tree/master/EMET#blocking-the-regsvr32-application-whitelisting-bypass-technique

15、基于debian的安装Metasploit Framework 的docker容器

https://github.com/phocean/dockerfile-debian-metasploit

16、cisco指责法国软件制造商在120万计算机上安装后门

http://blog.talosintel.com/2016/04/the-wizzards-of-adware.html

17、detux:多平台的linux沙箱

https://github.com/detuxsandbox/detux