技术类:
BSides Cleveland 2016 会议视频
https://www.irongeek.com/i.php?page=videos/bsidescleveland2016/mainlist
经过一年对windows内核字体的fuzzing结果
http://Googleprojectzero.blogspot.com/2016/06/a-year-of-windows-kernel-font-fuzzing-1_27.HTML
Triforce项目: Run AFL on Everything!
https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/june/project-triforce-run-afl-on-everything/
使用pyrit,oclhash,cowpatty来破解wifi
http://rajhackingarticles.blogspot.com/2016/06/3-ways-to-crack-wifi-using-pyrit.HTML
使用 ZBAanalyzer 来分析ZigBee包
http://www.cutawaysecurity.com/blog/2016/06/27/zigbee-packet-capture-analysis-using-zbaanalyzer/
在线检测ms14-068 kerberos利用包,以及分析 PyKEK 利用工具是如何工作的
https://adsecurity.org/?p=763
WASE:开源的web审计搜索引擎
https://github.com/thomaspatzke/WASE
GSMA发布的IOT安全辅导
http://www.gsma.com/connectedliving/wp-content/uploads/2016/02/CLP.14-v1.0.pdf
locky恶意欺诈软件反虚拟机的技巧
https://blogs.forcepoint.com/security-labs/locky-returned-new-anti-vm-trick?utm_source=dlvr.it&utm_medium=twitter
介绍反fuzzing,深入防守
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2014/january/introduction-to-anti-fuzzing-a-defence-in-depth-aid/
研究者发现RockLoader 派发新的加密勒索软件
http://phishme.com/rockloader-downloading-new-ransomware-bart/
Archive.org的python命令行接口
https://github.com/jjjake/internetarchive
一个通过websockets实现一个看似不可能的web debugger
https://github.com/Kozea/wdb
熊猫安全软件的权限提升漏洞
http://seclists.org/fulldisclosure/2016/Jun/67
资讯类:
斯诺登说俄罗斯的数据收集计划非常危险
http://www.bbc.com/news/technology-36640457
黑客售卖1000万的Lookbook.nu 明文密码数据库
https://www.hackread.com/hacker-selling-million-lookbook-accounts/
新的exploit针对医疗设备,将病患置入危险中
http://www.zdnet.com/article/new-exploit-targets-hospital-devices-places-patients-at-risk/#ftag=RSSbaffb68
uber优惠码漏洞,允许任意黑客免费驾驶
https://www.digitalmunition.me/2016/06/uber-promo-code-vulnerability-allows-hacker-get-free-rides/?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+digitalmunition%2FUHtl+%28DigitalMunition%29
25000个摄像头被用来组成僵尸网络作dos攻击
http://www.theregister.co.uk/2016/06/28/25000_compromised_cctv_cameras/
评论