技术类:

IBM BlueMix Cloud – (API) 存储型XSS漏洞

http://seclists.org/fulldisclosure/2016/Jul/3

子域名暴力破解工具Sublist3r更新

https://github.com/aboul3la/Sublist3r

Ayaabu是一个有趣的开源脚本,用来欺骗恶意软件以为计算机安装了多个杀软

https://github.com/mynameisv/Ayaabu

Cerber恶意欺诈软件的恶意pcap包

http://www.malware-traffic-analysis.net/2016/07/05/index.html

Cuckoo的沙箱驱动,可以在执行恶意文件的时候实现内核分析

https://github.com/angelkillah/zer0m0n

扫描和利用不安全的树莓派的脚本

https://github.com/Fysac/lhf

nccgroup发布了一个欺诈勒索软件模拟软件

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/july/ransomware-how-vulnerable-is-your-system/

US-CERT警告Symantec和Norton的几款安全产品包含严重的漏洞

https://www.us-cert.gov/ncas/alerts/TA16-187A

通过ubuntu bash来安装windows 10

http://www.howtogeek.com/261188/how-to-uninstall-or-reinstall-windows-10s-ubuntu-bash-shell/

使用chip-8中断写一个模拟器

http://www.multigesture.net/articles/how-to-write-an-emulator-chip-8-interpreter/

RansomNoteCleaner 移除欺诈软件留下的垃圾信息的工具

http://news.softpedia.com/news/ransomnotecleaner-removes-ransomware-junk-from-your-pc-505978.shtml

cookie shadow 路径注入

https://c0nradsc0rner.wordpress.com/2016/07/06/cookie-shadow-path-injection/

集成到powershell Empire的MS16-032漏洞

https://warroom.securestate.com/leveraging-ms16-032-powershell-empire/

c++ x86的代码混淆库

https://breakdev.org/obfusion-c-x86-code-obfuscation-library/

新的osx/keydnap恶意软件偷取用户账户信息,另一篇报道在http://news.softpedia.com/news/keydnap-mac-malware-steals-keychain-passwords-open-backdoor-on-infected-systems-506053.shtml

http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/

新的mac后门:Eleanor,可以偷数据,执行代码,控制摄像头,另一篇分析http://9to5mac.com/2016/07/06/backdoor-mac-elanor-mac-malware/

https://blog.malwarebytes.com/cybercrime/2016/07/new-mac-backdoor-malware-eleanor/

介绍lamma框架

http://smxlabz.blogspot.in/2016/07/introduction-to-lamma.html

今日针对日本的BEBLOH银行木马行动有所增加

http://blog.trendmicro.com/trendlabs-security-intelligence/bebloh-expands-japan-latest-spam-attack/

CryptXXX 欺诈勒索软件更新

https://isc.sans.edu/diary/21229

RunKeeper存储型XSS

https://www.seekurity.com/blog/general/runkeeper-stores-xss-vulnerability/

资讯类:

超过6000台redis数据库被恶意程序接管

http://news.softpedia.com/news/over-6-000-redis-database-servers-ready-for-the-taking-506056.shtml

wikileak发布1200份在伊拉克战争中的克林顿邮件

http://www.commondreams.org/news/2016/07/05/wikileaks-releases-over-1200-clinton-emails-iraq-war

曾访问克林顿电子邮箱的罗马尼亚黑客Guccifer被发现死于牢房中

http://christiantimesnewspaper.com/breaking-romanian-hacker-with-access-to-clinton-emails-found-dead-in-jail-cell/

OSX.Pirrit恶意广告背后的以色列广告公司

http://news.softpedia.com/news/israeli-advertising-company-behind-osx-pirrit-mac-adware-506020.shtml