2017-10-14 09:39:22
阅读:1047次
点赞(0)
收藏
来源: 安全客
作者:77caikiki
热点概要:DDoS攻击导致瑞典火车延误、Equifax网站把用户重定向到Adware和诈骗网站、Chrome扩展用你的Gmail注册域名还注入挖矿代码、钓鱼Word文档用RAT传播malware、新的野外Anubi Ransomware、Android DoubleLocker Ransomware:按下Home键就可激活你怕不怕(改变PIN值,加密文件)
资讯类:
DDoS攻击导致瑞典火车延误
https://www.bleepingcomputer.com/news/security/ddos-attacks-cause-train-delays-across-sweden/
Equifax网站把用户重定向到Adware和诈骗网站
https://www.bleepingcomputer.com/news/security/equifax-website-redirected-users-to-adware-scam-sites/
Chrome扩展用你的Gmail注册域名还注入挖矿代码
https://www.bleepingcomputer.com/news/security/chrome-extension-uses-your-gmail-to-register-domains-names-and-injects-coinhive/
技术类:
钓鱼Word文档用RAT传播malware
https://blog.malwarebytes.com/threat-analysis/2017/10/decoy-microsoft-word-document-delivers-malware-through-rat/
通过DNS输入错误完成实用水坑
https://blog.0day.rocks/practical-waterholing-through-dns-typosquatting-e252e6a2f99e
新的野外Anubi Ransomware
https://www.bleepingcomputer.com/news/security/new-anubi-ransomware-in-the-wild/
Android DoubleLocker Ransomware:按下Home键就可激活你怕不怕(改变PIN值,加密文件)
https://www.bleepingcomputer.com/news/security/android-doublelocker-ransomware-activates-every-time-you-hit-home-button/
https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
Disassembler and Runtime Analysis(IDA Pro没检测出来的那些修改)
http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
新型x1881 CryptoMix Ransomware变种放出
https://www.bleepingcomputer.com/news/security/new-x1881-cryptomix-ransomware-variant-released/
Exploding Git Repositories
https://kate.io/blog/git-bomb/
安全应急响应工具大合集
https://github.com/meirwah/awesome-incident-response/blob/master/README_ch.md
Leaking Amazon.com CSRF Tokens Using Service Worker API
https://ahussam.me/Amazon-leaking-csrf-token-using-service-worker/
Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.
https://github.com/jonatan1024/clrinject
HSTS(HTTP Strict Transport Security)实用解答
https://pentesterslife.wordpress.com/2017/09/12/http-strict-transport-security-the-practical-explanation/
本文由 安全客 原创发布,如需转载请注明来源及本文地址。
本文地址:http://bobao.360.cn/learning/detail/4544.html