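February 1, 2018 public opinion weekly report: Android malware, new fraud samples, major vulnerabilities, and other security matters
Menacing Android botnet still thriving 16 months after coming to light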
https://arstechnica.com/information-technology/2018/01/menacing-android-botnet-still-thrives-16-months-after-coming-to-light/
Hackers prepare for the Winter Olympics with targeted phishing attacks
https://www.cybertalk.org/2018/01/09/hackers-prepare-winter-olympics-targeted-phishing-attack/
Well-known threat group DRAGONFISH (also known as Lotus Blossom) is distributing a new Elise malware
https://www.accenture.com/t20180127T003755Z__w__/us-en/_acnmedia/PDF-46/Accenture-Security-Dragonfish-Threat-Analysis.pdf
Iran-linked APT OilRig targets IIS web servers with the new RGDoor backdoor
http://securityaffairs.co/wordpress/68317/apt/oilrig-rgdoor-backdoor.html
More than 2,000 WordPress sites infected with a malicious script that delivers both a keylogger and the CoinHive cryptocurrency miner
http://securityaffairs.co/wordpress/68334/malware/wordpress-sites-keylogger.html
Crooks created 28 fake ad agencies to disguise a massive malvertising campaign
https://www.bleepingcomputer.com/news/security/crooks-created-28-fake-ad-agencies-to-disguise-massive-malvertising-campaign/
New phishing scam uses FedEx and Google Drive to lure victims
https://www.scmagazine.com/new-phishing-scam-combines-fedex-and-google-drive-to-lure-victims/article/739575/
TopHat campaign against the Middle East delivers malware via Google, Pastebin and bit.ly
https://www.scmagazine.com/middle-east-hit-with-tophat-campaign-exploiting-popular-third-party-services/article/739907/
Video | Lenovo Fingerprint Manager hard-coded password vulnerability CVE-2017-3762 affects 9 product series
http://toutiao.secjia.com/cve-2017-3762
FriedEx: BitPaymer ransomware is another work of the Dridex authors
https://www.welivesecurity.com/2018/01/26/friedex-bitpaymer-ransomware-work-dridex-authors/
Trend Micro finds malvertising campaign abusing Google's DoubleClick to deliver the Coinhive miner
http://securityaffairs.co/wordpress/68285/hacking/coinhive-malvertising-campaign.html
Crooks fabricate the SpriteCoin cryptocurrency as a lure to download ransomware
https://www.scmagazine.com/crooks-fabricate-spritecoin-cryptocurrency-as-lure-to-download-ransomware/article/738973/
Using Intel SGX to steal bitcoins
https://www.blackhat.com/asia-18/briefings/schedule/index.html#when-good-turns-evil-using-intel-sgx-to-stealthily-steal-bitcoins-9918
Hide 'N Seek IoT botnet uses peer-to-peer communication
https://www.scmagazine.com/hide-n-seek-used-custom-built-peer-to-peer-communication-to-exploit-victims/article/739293/
The Week in Ransomware - January 26, 2018 - SamSam & hack attacks
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-26th-2018-samsam-and-hack-attacks/
PLOUTUS.D malware variant used in US ATM jackpotting attacks
https://threatpost.com/ploutus-d-malware-variant-used-in-u-s-based-atm-jackpotting-attacks/129686/
V8 engine UAF vulnerability leads to remote code execution (CVE-2017-15399)
https://bugs.chromium.org/p/chromium/issues/detail?id=776677
Malicious seed generator website iotaseed.io used to steal $4 million in IOTA cryptocurrency
https://thatoddmailbox.github.io/2018/01/28/iotaseed.html
Two serious vulnerabilities found in the bluetoothd service of iOS, webOS and tvOS (CVE-2018-4087/CVE-2018-4095)
https://blog.zimperium.com/new-crucial-vulnerabilities-apples-bluetoothd-daemon/
CVE-2017-8570: first public in-the-wild sample and vulnerability analysis
https://mp.weixin.qq.com/s/dMqovzZ70SJgdnfAZtcZMg
IOTA phishing attack: cryptocurrency users lose $4 million
https://www.bleepingcomputer.com/news/security/iota-cryptocurrency-users-lose-4-million-in-clever-phishing-attack/
Cisco publishes security advisory for an RCE and DoS vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
Necurs botnet is promoting Swisscoin
http://www.freebuf.com/news/161197.html
Fortinet discovers a vulnerability in ASUS routers
https://blog.fortinet.com/2018/01/30/fortiguard-labs-discovers-vulnerability-in-asus-router
Jackpotting ATM attacks have reached the United States
https://nakedsecurity.sophos.com/2018/01/30/secret-service-warning-jackpotting-atm-attacks-reach-the-us/
Hackers exploit a flaw in Kaseya enterprise software to deploy a Monero cryptominer
https://www.scmagazine.com/hackers-exploit-flaw-in-enterprise-software-to-deploy-monero-cryptominer/article/740362/
PoC published for Oracle MICROS POS security bypass vulnerability CVE-2018-2636
http://toutiao.secjia.com/cve-2018-2636
Dutch banks and tax agency hit by large-scale DDoS attacks
https://www.bleepingcomputer.com/news/security/dutch-banks-tax-agency-under-ddos-attacks-a-week-after-big-russian-hack-reveal/
Default gallery app on Alcatel phones replaced with spyware
http://www.androidpolice.com/2018/01/29/default-gallery-app-alcatel-phones-replaced-spamware-users-angry/
Two-year-old malware campaign infects Ukrainians with Vermin
https://www.scmagazine.com/two-year-old-malware-campaign-plagues-ukrainians-with-vermin-quasar-rats/article/740534/
WannaMine, a massive cryptominer spreading via the NSA's EternalBlue
http://securityaffairs.co/wordpress/68518/malware/wannamine-nsa-eternalblue.html
Malicious Chrome extensions found in the Chrome Web Store form the Droidclub botnet
https://blog.trendmicro.com/trendlabs-security-intelligence/malicious-chrome-extensions-found-chrome-web-store-form-droidclub-botnet/
New Adobe Flash 0-day spotted in the wild
https://www.bleepingcomputer.com/news/security/new-adobe-flash-zero-day-spotted-in-the-wild/
Smominru botnet has infected 500,000 Windows machines
https://www.bleepingcomputer.com/news/security/smominru-botnet-infected-over-500-000-windows-machines/
DDG: a mining botnet aiming at database servers
http://blog.netlab.360.com/ddg-a-mining-botnet-aiming-at-database-server-en/
Quick test drive of TRICKBOT (now with a single module)
http://malware-traffic-analysis.net/2018/02/01/index.html
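Japanese government steps in to inspect Coincheck, Japan's second-largest cryptocurrency exchange, after hackers stole digital coins worth about $500 million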
https://www.v3.co.uk/v3-uk/news/3025935/japanese-authorities-warned-coincheck-about-serious-security-flaws-before-thieves-stole-usd530-million
Cisco fixes DoS vulnerability CVE-2018-0136, which attackers can exploit by sending IPv6 packets
https://www.scmagazine.com/cisco-update-eliminates-dos-vulnerability-in-aggregation-services-router-operating-system/article/741021/
Google says it removed more than 700,000 bad or malicious apps from the Google Play store in 2017, 70% more than in 2016
https://www.bleepingcomputer.com/news/security/google-removed-over-700-000-malicious-android-apps-from-the-play-store-in-2017/
More than 500,000 devices worldwide have been hijacked by the Smominru miner malware, which has mined nearly 9,000 Monero (worth about $3.6 million)
https://threatpost.com/massive-smominru-cryptocurrency-botnet-rakes-in-millions/129726/
BeeToken customers scammed out of $1 million in Ether by phishing emails
https://www.scmagazine.com/phishing-attacks-net-initial-coin-offering-investors-second-time-this-week/article/741031/
Hackers impersonate the FBI's Internet Crime Complaint Center to send phishing emails
https://www.scmagazine.com/phishing-emails-impersonate-fbis-internet-crime-complaint-center/article/741763/
Adobe Flash Player 0-day CVE-2018-4878, patch due next week
https://www.scmagazine.com/attackers-exploiting-critical-adobe-flash-player-zero-day-bug-no-patch-until-next-week/article/741462/
RGDoor IIS backdoor found attacking the Middle East
https://researchcenter.paloaltonetworks.com/2018/01/unit42-oilrig-uses-rgdoor-iis-backdoor-targets-middle-east/