3月10日安全热点 – Slingshot APT / Qwerty 勒索软件

阅读量    26581 |

分享到: QQ空间 新浪微博 微信 QQ facebook twitter

 

资讯类

Cyber​​-espionage组织通过MicroTik路由器感染受害者设备

https://www.bleepingcomputer.com/news/security/cyber-espionage-group-infects-victims-through-microtik-routers/

https://thehackernews.com/2018/03/slingshot-router-hacking.html

https://www.theregister.co.uk/2018/03/09/slingshot_malware_uses_cunning_plan_to_find_a_route_to_sysadmins/

 

Qwerty 勒索软件利用GnuPG加密受害者文件

https://www.bleepingcomputer.com/news/security/qwerty-ransomware-utilizes-gnupg-to-encrypt-a-victims-files/

 

Memfixed工具有助于缓解基于Memcached的DDoS攻击

https://www.bleepingcomputer.com/news/security/memfixed-tool-helps-mitigate-memcached-based-ddos-attacks/

 

利用EternalBlue NSA漏洞感染服务器进行挖矿

http://www.zdnet.com/article/cryptojacking-attack-uses-leaked-nsa-exploit/

 

俄罗斯黑客在短短一个晚上从32台ATM偷走了860,000欧元

Russian hackers stole 860,000 euros from 32 ATMs belonging to the Raiffeisen Romania in just one night

 

只有一半支付勒索软件赎金的人可以恢复他们的数据

https://www.bleepingcomputer.com/news/security/only-half-of-those-who-paid-a-ransomware-were-able-to-recover-their-data/

 

加热器也能挖矿??

https://www.bleepingcomputer.com/news/cryptocurrency/this-heater-not-only-heats-your-home-but-also-mines-ethereum/

 

技术类

0xB8 威胁情报体系与企业SIEM结合的那些套路——威胁情报的需求判定和选择

https://zhuanlan.zhihu.com/p/34336700?group_id=955089373448953856

 

威胁情报之落地实战-由灰向黑篇

https://mp.weixin.qq.com/s/-EcZnVvwBo2AEO7aHUIvMQ

 

以“威胁应对”为中心,看企业信息安全能力建设

https://www.sec-un.org/%E4%BB%A5%E5%A8%81%E8%83%81%E5%BA%94%E5%AF%B9%E4%B8%BA%E4%B8%AD%E5%BF%83%E7%9C%8B%E4%BC%81%E4%B8%9A%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E8%83%BD%E5%8A%9B%E5%BB%BA%E8%AE%BE-%E6%9D%8E/

 

Cisco Prime Collaboration配置硬编码密码漏洞

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-cpcp

 

Echidna,以太坊的智能模糊器

Echidna, a smart fuzzer for Ethereum

 

获取任何Facebook用户的朋友列表和部分支付卡的详细信息

https://www.josipfranjkovic.com/blog/facebook-friendlist-paymentcard-leak

 

在您的内网中获得域管理员权限的五大方法

https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa

 

TOMCAT安全测试概要

http://www.91ri.org/17611.html

 

Masha and these Bears——2018 Sofacy Activity

https://securelist.com/masha-and-these-bears/84311/;

 

The Slingshot APT FAQ

https://securelist.com/apt-slingshot/84312/

 

PIvirus——linux x86_64 ELF病毒示例

https://github.com/En14c/PIvirus

 

分享到: QQ空间 新浪微博 微信 QQ facebook twitter
|推荐阅读
|发表评论
|评论列表
加载更多