1月22日每日安全热点 - 黑客疏于防范导致自己战利品泄露

Powered by 360CERT

漏洞 Vulnerability

SolMan漏洞PoC公布恐致大规模攻击

https://securityaffairs.co/wordpress/113691/hacking/sap-solman-flaw-scannin.html

 

恶意软件 Malware

Dovecat挖矿恶意软件感染QNap设备

https://securityaffairs.co/wordpress/113710/malware/qnap-dovecat-malware.html

 

安全研究 Security Research

Kindledrip：从电子邮件到信用卡一条龙

https://medium.com/realmodelabs/kindledrip-from-your-kindles-email-address-to-using-your-credit-card-bb93dbfb2a08

 

利用防火墙规则干掉Defender

https://medium.com/csis-techblog/silencing-microsoft-defender-for-endpoint-using-firewall-rules-3839a8bf8d18

 

安全资讯 Security Information

英教育部向学生分发的电脑被恶意软件感染

https://www.bleepingcomputer.com/news/security/uk-govt-gives-malware-infected-laptops-to-vulnerable-students/

 

黑客疏于防范导致自己战利品泄露

https://www.bleepingcomputer.com/news/security/hacker-blunder-leaves-stolen-passwords-exposed-via-google-search/

 

安全事件 Security Incident

RDP被黑客利用进行DDoS攻击

https://www.bleepingcomputer.com/news/security/windows-remote-desktop-servers-now-used-to-amplify-ddos-attacks/

 

比利时医院遭勒索软件攻击

https://www.bleepingcomputer.com/news/security/chwapi-hospital-hit-by-windows-bitlocker-encryption-cyberattack/

 

安全客 Security Geek

UEFI bootkit 的感染与手工检测

https://www.anquanke.com/post/id/229257

 

Nodejs中模板引擎渲染原理与潜在隐患探讨

https://www.anquanke.com/post/id/229301