热点概要：拉响WannaCry“紧急制动开关”的安全专家制作Kronos银行木马被捕、DEFCON 25 Recon Village OSINT CTF Write-Up、Supervisord远程命令执行漏洞（CVE-2017-11610）、Windows Defender ATP机器学习：检测新异常行为、dnstwist：域名排列引擎，检测域名拼字错误，用于检测网络钓鱼及企业间谍活动

资讯类：

拉响WannaCry“紧急制动开关”的安全专家制作Kronos银行木马被捕

http://securityaffairs.co/wordpress/61657/cyber-crime/marcus-hutchins-arrested.HTML 

技术类：

DEFCON 25 Recon Village OSINT CTF Write-Up

https://www.digitalsecurity.fr/en/blog/write-defcon-25-recon-village-osint-ctf 

Supervisord远程命令执行漏洞（CVE-2017-11610）

https://www.leavesongs.com/PENETRATION/supervisord-RCE-CVE-2017-11610.HTML 

针对无文件恶意软件js_POWMET的分析

http://blog.trendmicro.com/trendlabs-security-intelligence/look-js_powmet-completely-fileless-malware/ 

如何检测0day及无文件恶意软件

https://community.rapid7.com/community/insightidr/blog/2017/07/26/how-do-you-identify-zero-days-and-fileless-malware-download-the-ram 

Python化VMware后门

https://www.zerodayinitiative.com/blog/2017/8/1/pythonizing-the-vmware-backdoor 

CheckPlease:Payload-Agnostic Implant Security

https://github.com/Arvanaghi/CheckPlease 

Nessus Compliance Generator 

https://coar.risc.anl.gov/nessus-compliance-generator/ 

WannaCry的比特币赎金被转换为Monero

https://www.cyberscoop.com/wannacry-monero-bitcoin/ 

PowerShell混淆检测

https://www.fireeye.com/blog/threat-research/2017/07/revoke-obfuscation-powershell.HTML 

Windows Defender ATP机器学习：检测新异常行为

https://blogs.technet.microsoft.com/mmpc/2017/08/03/windows-defender-atp-machine-learning-detecting-new-and-unusual-breach-activity/ 

dnstwist：域名排列引擎，检测域名拼字错误，用于检测网络钓鱼及企业间谍活动

https://github.com/elceef/dnstwist