1月17日安全热点 - 恶意Chrome插件/Skygofree

资讯类

四个恶意Chrome浏览器插件影响了超过五十万用户和全球业务

http://securityaffairs.co/wordpress/67807/cyber-crime/malicious-chrome-extensions-2.html

 

加拿大男子被控告通过LeakedSource数十亿黑客泄露账户

http://securityaffairs.co/wordpress/67798/cyber-crime/leakedsource-admin-charged.html

 

Skygofree — 强大的安卓监控恶意软件

https://thehackernews.com/2018/01/android-spying-malware.html

http://securityaffairs.co/wordpress/67815/malware/skygofree-surveillance-software.html

 

BitConnect正在关闭其贷款和交换平台

https://thenextweb.com/hardfork/2018/01/16/bitconnect-shut-down-closed/

技术类

通过CVE-2017-17215学习路由器漏洞分析，从入坑到放弃

http://www.freebuf.com/vuls/160040.html

 

第2A部分：利用KOLIDE FLEET，OSQUERY，POWERSHELL EMPIRE和CALDERA进行威胁搜索

https://holdmybeersecurity.com/2018/01/16/part-2a-intro-to-threat-hunting-with-kolide-fleet-osquery-powershell-empire-and-caldera-setup-environment/

 

You Can Now Run PowerShell on Linux & macOS

https://www.bleepingcomputer.com/news/microsoft/cya-windows-you-can-now-run-powershell-on-linux-and-macos/

 

用TVM优化ARM GPU上的移动深度学习

http://tvmlang.org/2018/01/16/opt-mali-gpu.html

 

恶意流量分析

http://malware-traffic-analysis.net/2018/01/16/index.html

 

Micropatching将公式编辑器重新带回

https://0patch.blogspot.com/2018/01/bringing-abandoned-equation-editor-back.html

 

Bypassing CSP by Abusing JSONP Endpoints

https://medium.com/@mazin.ahmed/bypassing-csp-by-abusing-jsonp-endpoints-47cf453624d5

 

一些好用的威胁检测和捕获工具

https://github.com/0x4D31/awesome-threat-detection

 

The injected coinhive iframe

https://blog.manchestergreyhats.co.uk/posts/the-injected-coinhive-iframe—a-quick-look/

 

GitHub Sensitive Information Leak

https://github.com/FeeiCN/GSIL