资讯类

Ransomware的一周 – 2018年1月26日 – SamSam＆Hack攻击

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2018-samsam-and-hack-attacks/

通过键盘记录器黑客入侵了超过2000个WordPress网站

https://www.bleepingcomputer.com/news/security/keylogger-campaign-hits-over-2-000-wordpress-sites/

联想修复了影响THINKPAD指纹扫描仪的硬编码密码漏洞

https://threatpost.com/lenovo-fixes-hardcoded-password-flaw-impacting-thinkpad-fingerprint-scanners/129680/

不安全的VR应用程序暴露客户数据

https://blog.malwarebytes.com/cybercrime/2018/01/insecure-vr-app-exposes-customer-data/

加密货币矿工在YouTube上投放广告并耗尽您的CPU

YouTube Serves Ads With Cryptocurrency Miners

技术类

网络犯罪的策略和技巧：2017恶意软件回顾

https://www.malwarebytes.com/pdf/white-papers/CTNT-Q4-17.pdf

卡巴斯基对使用 DNS 隧道通信的后门的分析报告

Denis and Co.

实践：UEBA视角下的威胁情报聚类与攻击者分析

https://mp.weixin.qq.com/s/bm8jK8mLsYkWNH_fwIcPAg

Electron 自定义协议命令注入（CVE-2018-1000006）分析

https://paper.seebug.org/515/

http://www.91ri.org/17541.HTML

HTTP头注入

https://medium.com/bread-and-circuses/http-header-injection-for-fun-and-zero-profit-63fa9ff64310

使用本地方法调试CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android第三方Java应用程序

https://kov4l3nko.github.io/blog/2018-01-25-debugging-mixed-CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android-code/

保护全球范围内的加密流量

https://blogs.cisco.com/security/securing-encrypted-traffic-on-worldwide-scale

一次在 Sandstorm 跳脫沙箱的渗透测试

https://devco.re/blog/2018/01/26/Sandstorm-Security-Review-CVE-2017-6200-en/

1-Day 浏览器和内核开发

http://powerofcommunity.net/poc2017/andrew.pdf

OilRig利用RGDoor IIS后门攻击中东国家

OilRig uses RGDoor IIS Backdoor on Targets in the Middle East

华硕DSL-N14U B1路由器1.1.2.3_345更改管理员密码

https://cxsecurity.com/issue/WLB-2018010289