2月13日安全热点 - 平昌冬奥会恶意软件 / Skype提权漏洞

 

资讯类

Skype更新程序中存在提权安全漏洞

http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/

 

只需插入 USB 就能黑掉 Linux 设备

https://www.bleepingcomputer.com/news/linux/its-2018-and-you-can-still-p0wn-your-linux-box-by-plugging-in-a-usb-stick/

 

国际网络犯罪组织Lazarus——比特币网络钓鱼攻击活动

https://securingtomorrow.mcafee.com/mcafee-labs/lazarus-resurfaces-targets-global-banks-bitcoin-users/

 

破坏性的恶意软件在平昌2018年冬奥会上肆意妄为

http://blog.talosintelligence.com/2018/02/olympic-destroyer.html

https://www.bleepingcomputer.com/news/security/destructive-malware-wreaks-havoc-at-pyeongchang-2018-winter-olympics/

 

挖矿活动瞄准安卓用户

Drive-by cryptomining campaign targets millions of Android users

 

Rapid Ransomware的一个新变种正在通过malspam传播

https://www.bleepingcomputer.com/news/security/rapid-ransomware-being-spread-using-fake-irs-malspam/

 

技术类

简述Cisco RV132W多个漏洞

https://blogs.securiteam.com/index.php/archives/3590

 

Evasive恶意软件的热潮

https://blog.minerva-labs.com/the-upsurge-in-evasive-malware

 

CloudMe未经身份验证的远程缓冲区溢出

https://blogs.securiteam.com/index.php/archives/3669

 

快速afcd反汇编

http://newosxbook.com/articles/afcdecomposed.html

 

Debian & VBox Installation + GHDB

https://0x00sec.org/t/penny-os-0x01-debian-vbox-installation-ghdb/5450

 

NrsMiner：一个构造精密的挖矿僵尸网络

https://www.anquanke.com/post/id/98272

 

2017年 AI安全风险白皮书

https://www.anquanke.com/post/id/98300

 

 

利用缓解技术 – 地址空间布局随机化（ASLR）

https://0x00sec.org/t/exploit-mitigation-techniques-address-space-layout-randomization-aslr/5452

 

教程：为恶意软件检测创建Yara签名

https://0x00sec.org/t/tutorial-creating-yara-signatures-for-malware-detection/5453

 

MySQL UDF Exploitation

https://osandamalith.com/2018/02/11/mysql-udf-exploitation/

 

Antivirus Scanning of a PCAP File

http://www.netresec.com/?page=Blog&month=2018-02&post=Antivirus-Scanning-of-a-PCAP-File

 

TCP-Starvation

https://github.com/Eplox/TCP-Starvation

 

一种检测网络中响应者的存在的工具

https://github.com/codeexpress/respounder