5月4日-每日安全知识热点

CVE-2016-3714:ImageMagick (许多web应用的图形处理用的这个)不安全的shell字符过滤(潜在)导致代码执行

http://www.openwall.com/lists/oss-security/2016/05/03/18

LifeSize Room (<= 4.7.11 rev 4)非认证RCE,管理员劫持漏洞

http://blog.d3vsite.org/lifesize-room-rce-dos-admin-hijack/

任天堂Wiiu 5.5内核利用

https://gbatemp.net/threads/tutorial-running-kexploit-5-5-x-w-haxserver-loadiine-homebrew-launcher-etc.424948/

CVE-2016-3627 CVE-2016-3705: libxml2:xml validator (parser)中的栈溢出

http://seclists.org/fulldisclosure/2016/May/10

OpenSSL ASN.1 编码 (CVE-2016-2108)中的内存损坏漏洞

http://pastebin.com/raw/MFevgXsa

Satoshi:Craig Wright的欺骗是如何工作的

http://blog.erratasec.com/2016/05/satoshi-how-craig-wrights-deception.html

Neutrino exploit kit 派发 Cerber 恶意欺诈软件,另一篇报道http://www.broadanalysis.com/2016/05/02/neutrino-ek-from-185-58-227-227-sends-cerber-ransomware

https://isc.sans.edu/forums/diary/Neutrino+exploit+kit+sends+Cerber+ransomware/21017

badger:windows exploit开发瑞士军刀

https://github.com/lillypad/badger

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell 命令注入漏洞

http://seclists.org/bugtraq/2016/May/11

各种编程语言的api cheatsheet

http://overapi.com/

在AWS上建立openvpn的脚本

https://github.com/ttlequals0/autovpn

ARM Exploit练习

https://rotlogix.com/2016/05/03/arm-exploit-exercises/

使用docker实现dns轮询的负载均衡

https://technologyconversations.com/2016/04/25/docker-networking-and-dns-the-good-the-bad-and-the-ugly/

GitLab 8.2 到 8.7的"impersonate"功能导致的权限提升漏洞

https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/

Process Explorer的使用介绍

https://blog.malwarebytes.org/101/2016/05/process-explorer-an-introduction/

Linux kernel JIT spray proof of concept

https://github.com/01org/jit-spray-poc-for-ksp

使用MSOMS(Microsoft Operations Management Suite)跟踪powershell活动

https://blogs.technet.microsoft.com/msoms/2016/05/03/use-microsoft-operations-management-suite-to-track-powershell-activity

Lost Door RAT:可自定义的rat工具

http://blog.trendmicro.com/trendlabs-security-intelligence/lost-door-rat-accessible-customizable-attack-tool/