【知识】11月5日 - 每日安全知识热点

热点概要：流行的动漫网站Crunchyroll.com被劫持用于传播恶意软件（分析报告）、2018年恶意软件预测、对IoT_Reaper已有分析的细节补充、Ladon Webservice（<=0.9.40）的XXE、tnftp "savefile"任意命令执行、Splunk本地提权、fridump：基于Frida的通用内存dump工具、OpenSSl修复了两个漏洞、Kernelpop：内核提权exploit框架

资讯类：

流行的动漫网站Crunchyroll.com被劫持用于传播恶意软件

https://www.bleepingcomputer.com/news/security/popular-anime-site-crunchyroll-com-hijacked-to-distribute-malware/ 

为什么新兴的亚太地区市场是未来恶意软件的主要目标

https://blog.malwarebytes.com/cybercrime/2017/11/emerging-apac-markets-prime-targets-malware-future/ 

2018年恶意软件预测：从漫长的夏季学习勒索软件

https://nakedsecurity.sophos.com/2017/11/03/2018-malware-forecast-learning-from-the-long-summer-of-ransomware/ 

完整版下载：

https://www.sophos.com/en-us/en-us/medialibrary/PDFs/technical-papers/malware-forecast-2018.pdf?la=en 

恶意Chrome插件偷取密码并且占用CPU资源

https://duo.com/blog/malicious-chrome-extensions-steal-passwords-and-cpu

技术类：

动漫网站Crunchyroll.com被劫持的分析：

https://doublepulsar.com/crunchyroll-serving-remote-access-malware-dd774867c129 

对IoT_Reaper已有分析的细节补充

https://labsblog.f-secure.com/2017/11/03/rickrolled-by-none-other-than-iotreaper/ 

tnftp "savefile"任意命令执行

https://cxsecurity.com/issue/WLB-2017110023 

https://www.exploit-db.com/exploits/43112/ 

Ladon Webservice（<=0.9.40）的XXE

https://cxsecurity.com/issue/WLB-2017110026 

https://www.redteam-pentesting.de/en/advisories/rt-sa-2016-008/-xml-external-entity-expansion-in-ladon-webservice 

GraphicsMagick内存泄露/堆溢出

https://cxsecurity.com/issue/WLB-2017110024 

Splunk本地提权

https://cxsecurity.com/issue/WLB-2017110030 

用C语言写的一个简单的虚拟机

https://github.com/rmccullagh/como-lang-ng/blob/master/vm/simple.c 

AFL toolchain for Swift, code and binary

https://github.com/Proteas/afl-swift 

Stuxnet（震网）式的带有合法数字证书的恶意软件比想象的要广泛

https://arstechnica.com/information-technology/2017/11/evasive-code-signed-malware-flourished-before-stuxnet-and-still-does/ 

专家提出了IoT固件更新的标准

https://www.bleepingcomputer.com/news/security/experts-propose-standard-for-iot-firmware-updates/ 

PROPagate：一种新的代码注入技巧

http://www.hexacorn.com/blog/2017/11/03/propagate-a-new-code-injection-trick-64-bit-and-32-bit/ 

fridump：基于Frida的通用内存dump工具

http://pentestcorner.com/introduction-to-fridump/ 

https://github.com/Nightbringer21/fridump 

Android平台示例：

http://pentestcorner.com/fridump-android-examples/ 

iOS平台示例：

http://pentestcorner.com/fridump-ios-examples/ 

WordPress Plugin JTRT Responsive Tables 4.1 SQL注入

https://www.exploit-db.com/exploits/43110/ 

CredSniper: An advanced Phishing framework that also captures 2FA tokens (bypass Google U2F) 

https://github.com/ustayready/CredSniper 

Ladon Framework for Python 0.9.40 – XML External Entity Expansion

https://www.exploit-db.com/exploits/43113/ 

OpenSSl修复了两个通过Google开源OSS-Fuzz fuzzing service发现的漏洞

http://securityaffairs.co/wordpress/65097/security/openssl-google-oss-fuzz-fuzzing.html 

telnet-iot-honeypot：Python telnet honeypot for catching botnet binaries 

http://www.kitploit.com/2017/11/telnet-iot-honeypot-python-telnet.html 

https://github.com/Phype/telnet-iot-honeypot 

Sage 2.2勒索软件的反调试技巧：OutputDebugStringW 

https://www.virustotal.com/#/file/43921c3406d7b1a546334e324bdf46c279fdac928de810a86263ce7aa9eb1b83/detection 

Kernelpop：内核提权exploit框架

http://www.kitploit.com/2017/11/kernelpop-kernel-privilege-escalation.html 

https://github.com/spencerdodd/kernelpop 

如何搭建一个简单的恶意软件分析环境

https://www.malwaretech.com/2017/11/creating-a-simple-free-malware-analysis-environment.html 

通过Vhost访问localhost——virtual host枚举

https://blog.securitybreached.org/2017/11/04/access-localhost-via-virtual-host-virtual-host-enumeration/ 

密码货币是什么？为什么网络罪犯中意它？

https://blog.malwarebytes.com/101/2017/11/cryptocurrency-works-cybercriminals-love/