病毒又出了新招:劫持网购地址推广告
201712月第一周舆情周报:安卓恶意软件、新欺诈样本、重大缺陷、其他安全事项等发现"拿破仑"新版本的勒索软件
https://blog.malwarebytes.com/threat-analysis/2017/12/napoleon-ransomware/
内核破绽行使:通过WARBIRD在Windows10上提升权限
http://www.freebuf.com/vuls/155972.html
CVE-2017-11882破绽剖析
https://researchcenter.paloaltonetworks.com/2017/12/unit42-analysis-of-cve-2017-11882-exploit-in-the-wild/
新电子邮件的缺陷可能会引诱发件人
https://www.symantec.com/blogs/threat-intelligence/mailsploit-email-exploit-spoofing
行使勒索软件LinuxSamba绽放的网络存储设备
https://www.bleepingcomputer.com/news/security/storagecrypt-ransomware-infecting-nas-devices-using-sambacry/
MozillaFirefox多个平安绕过破绽CVE-2017-7843/44失败还可DoS
http://toutiao.secjia.com/firefox-bypass-cve-2017-7843-44
Linux内核DoS破绽CVE-2017-1000407大量版本受到影响
http://toutiao.secjia.com/linux-kernel-dos-cve-2017-1000407
RTF破绽剖析
https://securityoversimplicity.wordpress.com/2017/11/23/not-all-she-wrote-part-3-rigged-rtf-documents/
网银木马行使钓鱼邮件.batpowershell举行流传。
https://isc.sans.edu/forums/diary/Phishing campaign uses old bat script to spread banking malware and it is flying under the radar/23091
.GOTYA勒索也出来解密工具
https://twitter.com/demonslay335/status/937705779825700864
cerber最新样本
https://twitter.com/clucianomartins/status/937298746827821057
连邦政府关闭运行时间最长的仙女座僵尸网络
https://thehackernews.com/2017/12/andromeda-botnet.html
技术支持欺诈恶意软件伪造死亡蓝屏
https://www.infosecurity-magazine.com/news/tech-support-scam-malware-fake/
RSA身份验证机构安全绕过缺陷CVE-2017-14377/14378CVSS10分破绽
http://toutiao.secjia.com/rsa-authentication-agent-bypass
谷歌攻击不受欢迎和有害Android应用
https://threatpost.com/google-cracks-down-on-nosy-android-apps/129081/
通过电子邮件下载的勒索
201712月第1周勒索病毒周报
https://twitter.com/tmmalanalyst/status/937877705181216768
Necurs僵尸网络malspam推dridex
http://malware-traffic-analysis.net/2017/12/04/index2.html
在RSAAuthenticationSDK发现了两个不同的缺陷
http://securityaffairs.co/wordpress/66325/hacking/rsa-authentication-sdk-flaws.html
HallowareRansomware只在黑暗的网上销售40美元
https://www.bleepingcomputer.com/news/security/halloware-ransomware-on-sale-on-the-dark-web-for-only-40/?utm_content=buffer50c66&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
PayPal隶属于数据泄高达160万个客户
https://thehackernews.com/2017/12/paypal-tio-data-breach.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed: TheHackersNews (The Hackers News - Security Blog)
新的ShadowBTCwareRansomware变种公布
https://www.bleepingcomputer.com/news/security/new-shadow-btcware-ransomware-variant-released/
2个新的基于.NET的Ransomware(Vortex、BUGWARE)使用开源代码
http://www.securityweek.com/new-net-based-ransomware-uses-open-source-code
CryptoMix公布勒索软件的新变种
https://www.bleepingcomputer.com/news/security/test-cryptomix-ransomware-variant-released/
NHSDMARC医疗机构面临网络钓鱼失败
https://www.infosecurity-magazine.com/news/nhs-dmarc-fail-leaves-patients?utm_source=twitterfeed&utm_medium=twitter
ApacheStrutsS2-055反序列化缺陷CVE-2017-75252.5至2.5.14受影响
http://toutiao.secjia.com/apache-s2-055-cve-2017-7525
谷歌发现了新的TiziAndroid恶意软件
https://www.bleepingcomputer.com/news/security/google-discovers-new-tizi-android-spyware/
本周勒索软件概述
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/
Linux邮件署理Exim远程代码执行缺陷CVE-2017-169434.88和4.89受影响
http://toutiao.secjia.com/exim-rce-cve-2017-16943
思科WebExMeetingsServer远程安全绕过瑕疵CVE-2017-12363
http://toutiao.secjia.com/webex-bypass-cve-2017-12363
cURL/libcURL缺陷溢出在缓冲区CVE-2017-8816还可DoS7.36.0到7.56.1受影响
http://toutiao.secjia.com/curl-bov-cve-2017-8816
在144个GooglePlay应用程序中发现新的Android恶意软件Grabos
https://securingtomorrow.mcafee.com/mcafee-labs/android-malware-grabos-exposed-millions-to-pay-per-install-scam-on-google-play/#sf174581529
ransomware:通盘文件加密为..doc后缀
http://malware-traffic-analysis.net/2017/11/30/index.html
2017年12月Flash漏洞月报