技术类:
IBM BlueMix Cloud – (API) 存储型XSS漏洞
http://seclists.org/fulldisclosure/2016/Jul/3
子域名暴力破解工具Sublist3r更新
https://github.com/aboul3la/Sublist3r
Ayaabu是一个有趣的开源脚本,用来欺骗恶意软件以为计算机安装了多个杀软
https://github.com/mynameisv/Ayaabu
Cerber恶意欺诈软件的恶意pcap包
http://www.malware-traffic-analysis.net/2016/07/05/index.html
Cuckoo的沙箱驱动,可以在执行恶意文件的时候实现内核分析
https://github.com/angelkillah/zer0m0n
扫描和利用不安全的树莓派的脚本
https://github.com/Fysac/lhf
nccgroup发布了一个欺诈勒索软件模拟软件
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/july/ransomware-how-vulnerable-is-your-system/
US-CERT警告Symantec和Norton的几款安全产品包含严重的漏洞
https://www.us-cert.gov/ncas/alerts/TA16-187A
通过ubuntu bash来安装windows 10
http://www.howtogeek.com/261188/how-to-uninstall-or-reinstall-windows-10s-ubuntu-bash-shell/
使用chip-8中断写一个模拟器
http://www.multigesture.net/articles/how-to-write-an-emulator-chip-8-interpreter/
RansomNoteCleaner 移除欺诈软件留下的垃圾信息的工具
http://news.softpedia.com/news/ransomnotecleaner-removes-ransomware-junk-from-your-pc-505978.shtml
cookie shadow 路径注入
https://c0nradsc0rner.wordpress.com/2016/07/06/cookie-shadow-path-injection/
集成到powershell Empire的MS16-032漏洞
https://warroom.securestate.com/leveraging-ms16-032-powershell-empire/
c++ x86的代码混淆库
https://breakdev.org/obfusion-c-x86-code-obfuscation-library/
新的osx/keydnap恶意软件偷取用户账户信息,另一篇报道在http://news.softpedia.com/news/keydnap-mac-malware-steals-keychain-passwords-open-backdoor-on-infected-systems-506053.shtml
http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/
新的mac后门:Eleanor,可以偷数据,执行代码,控制摄像头,另一篇分析http://9to5mac.com/2016/07/06/backdoor-mac-elanor-mac-malware/
https://blog.malwarebytes.com/cybercrime/2016/07/new-mac-backdoor-malware-eleanor/
介绍lamma框架
http://smxlabz.blogspot.in/2016/07/introduction-to-lamma.html
今日针对日本的BEBLOH银行木马行动有所增加
http://blog.trendmicro.com/trendlabs-security-intelligence/bebloh-expands-japan-latest-spam-attack/
CryptXXX 欺诈勒索软件更新
https://isc.sans.edu/diary/21229
RunKeeper存储型XSS
https://www.seekurity.com/blog/general/runkeeper-stores-xss-vulnerability/
资讯类:
超过6000台redis数据库被恶意程序接管
http://news.softpedia.com/news/over-6-000-redis-database-servers-ready-for-the-taking-506056.shtml
wikileak发布1200份在伊拉克战争中的克林顿邮件
http://www.commondreams.org/news/2016/07/05/wikileaks-releases-over-1200-clinton-emails-iraq-war
曾访问克林顿电子邮箱的罗马尼亚黑客Guccifer被发现死于牢房中
http://christiantimesnewspaper.com/breaking-romanian-hacker-with-access-to-clinton-emails-found-dead-in-jail-cell/
OSX.Pirrit恶意广告背后的以色列广告公司
http://news.softpedia.com/news/israeli-advertising-company-behind-osx-pirrit-mac-adware-506020.shtml