Preface

What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Nikto for Windows with some extra features.
–> wikto - github <–

Reaver – WPS Pin Hacking Tool
–> reaver - github <–



Talks & Knowledge

APT19 - China_Espionage_Dynasty
–> China Espionage Dynasty - SeeBug <–

Hunting AdwindRAT with SSL Heuristics
–> Hunting AdwindRAT - NetReSec <–

Hunting Pastebin with PasteHunter
–> Hunting Pastebin - TechAnarchy <–

FLUCTUATION IN THE EXPLOIT KIT MARKET – TEMPORARY BLIP OR LONG-TERM TREND?
–> Exploit Kit Market - DigitalShadows <–

Security: Trends of Threats in 2017
–> Trends of Threats - info security <–

Linux 4.13 Kernel Space TLS Support
–> Linux 4.13 TLS Support - github <–




Threats

Android security: Multiple bootloader bugs found in major chipset vendors’ code
–> Android bootloader bugs - ZDNet <–

Bank Trojan
–> AndroBot - VirusTotal <–

Siemens Patches Flaws in Automation, Power Distribution Products
–> SCADA Flaws - Security Week <–

Thunder Mining on Mirai BotNet
–> Thunder Mining on Mirai BotNet - Twitter 0xDUDE <–

China-linked KHRAT Operators Adopt New Delivery Techniques
–> KHRAT - Security Week <–

Taringa: Over 28 Million Users’ Data Exposed in Massive Data Breach
–> Targina Data Breach - The Hacker News <–

Massive Wave of MongoDB Ransom Attacks Makes 26,000 New Victims
–> MongoDB Ransom Attacks - Bleeping Computer <–

A bunch of proof-of-concept exploits for the Linux kernel
–> Linux kernel exploits - github <–

FOUR MILLION TIME WARNER CABLE RECORDS LEFT ON MISCONFIGURED AWS S3
–> Time Warner data leakage - threat post <–

PATCH RELEASED FOR CRITICAL APACHE STRUTS BUG
–> Apache Struts Bug - threat post <–