Android安全技術周報 10.13 - 10.19
System
1. The State of Kernel Self-Protection
https://kernel-recipes.org/en/2017/talks/the-state-of-kernel-self-protection/
Malware
1. Android DoubleLocker Ransomware 一種新型安卓勒索軟體,按下Home鍵就可激活(改變PIN值,加密文件)
https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
2. 地下暗流:揭秘控制百萬肉雞的GhostFramework
http://www.freebuf.com/articles/terminal/150360.html
3. 新型IoT機頂盒惡意軟體Rowdy網路分析報告
http://blog.nsfocus.net/iot-set-top-box-malware-rowdy-network-analysis-report/
Tech
1. 阿里巴巴移動安全應用加固能力養成記
http://www.freebuf.com/articles/terminal/150496.html
2. ISC 2017 移動終端安全論壇 PPT
http://bobao.360.cn/news/detail/4318.html
3. 寫給大家看的機器學習書系列
https://www.zhihu.com/people/hancy/posts
4. 深度學習在安全領域的paper
http://www.covert.io/deep-learning-security-papers/
5. hack.lu 2017 視頻
https://www.youtube.com/playlist?list=PLCxOaebc_2yNlOGhuOjInlJvr0Ktb_FYz
6. CppCon 2017 會議的議題資料和視頻
https://github.com/CppCon/CppCon2017><https://www.youtube.com/user/CppCon
7. 愛奇藝業務安全風控體系的建設實踐
http://bobao.360.cn/learning/detail/4541.html
8. 威脅情報在安全運維中的應用
https://www.slideshare.net/JeremyLi10/application-of-threat-intelligence-in-security-operation
9. 對深度學習的逃逸攻擊——探究人工智慧系統中的安全盲區
http://bobao.360.cn/learning/detail/4569.html
10. Awesome Android Open Source Libraries:
https://blog.mindorks.com/awesome-android-open-source-libraries-56a008c776c0
Tool
1. 用於輔助IDA 逆向的多個腳本工具:
https://github.com/1111joe1111/ida_ea
2. 安全應急響應工具合集
https://github.com/meirwah/awesome-incident-response/blob/master/README_ch.md
3. holodec 支持x86和x86-64 ELF二進位文件反編譯
http://t.cn/ROR4ioT
4. nsjail:A light-weight process isolation tool, making use of Linux namespaces and
seccomp-bpf syscall filters (with help of the kafel bpf language)
https://github.com/google/nsjail
5. 一加手機OPDeviceManager的反編譯源碼
https://github.com/fs0c131y/OPDeviceManager
6. Aktaion - 用於研究 Exploit 和釣魚檢測的開源機器學習工具和樣本
https://github.com/jzadeh/Aktaion
7. PythonClassInformer - NCC Group 開源的一個 IDA Pro 插件,用於分析並可視化 C++ 的運行時類型信息
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/
Vulnerability
1. Exploiting on CVE-2016-6787,CVE-2016-6787 漏洞是位於 Android 內核 perf
子系統中的提權漏洞https://hardenedlinux.github.io/system-security/2017/10/16/Exploiting-on-CVE-2016-6787.html
2. Danger is My Middle Name: Experimenting with SSL Vulnerabilities in Android Apps. Android APP SSL 相關漏洞的研究報告
https://arxiv.org/ftp/arxiv/papers/1505/1505.00589.pdf
3. Wi-Fi WPA2 協議被曝安全漏洞。Clients 加入WPA2 網路的 Four-way 握手過程中攻擊者可以發起 Key Reinstallation 攻擊,成功之後可以實現數據包被解密、數據包重放、TCP 鏈路劫持等
https://www.krackattacks.com/https://papers.mathyvanhoef.com/ccs2017.pdf
WPA2 KRACK Attacks 分析報告
http://bobao.360.cn/learning/detail/4556.html
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
https://papers.mathyvanhoef.com/ccs2017.pdf
密鑰重載攻擊:強制WPA2重用Nonce
http://bobao.360.cn/learning/detail/4561.html
KRACK:WPA2系列漏洞事件預警(含技術文章翻譯)
http://bobao.360.cn/learning/detail/4562.html
WPA2漏洞原理分析與防禦
http://bobao.360.cn/learning/detail/4565.html
Call for WPA3 - whats wrong with WPA2 security and how to fix it
https://github.com/d33tah/call-for-wpa3/blob/master/README.md?t=1
「WPA2被破解」是啥意思?連個WiFi,我的賬號密碼丑照就全泄露了?!
https://mp.weixin.qq.com/s/nJj57YsvGMZj3egw_zLrlg
思科對於WiFi WPA KRACK 攻擊相關的多個漏洞的介紹
https://blogs.cisco.com/security/wpa-vulns
krackattacks-test-ap-ft:判斷路由器是否受到CVE-2017-13082漏洞(WPA2 KRACK Attacks)的影響
https://github.com/vanhoefm/krackattacks-test-ap-ft
4. Exploiting on CVE-2016-6787(Linux kernel localprivilege escalation) Android 內核 perf 子系統中的提權漏洞
https://hardenedlinux.github.io/system-security/2017/10/16/Exploiting-on-CVE-2016-6787.html
5. Awesome-Fuzzing 模糊測試的學習資源(視頻、書籍、工具、以及實例代碼)
https://github.com/secfigo/Awesome-Fuzzing
推薦閱讀:
※安全文明的意義,真的很驚人
※怎麼優雅的住酒店?(健康、安全)
※SecWiki周刊(第178期)
※什麼是「安全」?我們的「安全」來自哪裡?鼓吹「絕對安全」意味著什麼?
TAG:安全 |