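Highlights: DDoS attacks cause train delays in Sweden; Equifax website redirects users to adware and scam sites; Chrome extension uses your Gmail to register domain names and also injects cryptocurrency-mining code; phishing Word documents use a RAT to spread malware; new Anubi Ransomware in the wild; Android DoubleLocker Ransomware: pressing the Home button is enough to activate it, scared yet? (changes the PIN, encrypts files)
News:
DDoS attacks cause train delays in Sweden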
https://www.bleepingcomputer.com/news/security/ddos-attacks-cause-train-delays-across-sweden/
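Equifax website redirects users to adware and scam sites
Chrome extension uses your Gmail to register domain names and also injects cryptocurrency-mining code
Technical:
Phishing Word documents use a RAT to spread malware
Practical waterholing through DNS typosquatting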
https://blog.0day.rocks/practical-waterholing-through-dns-typosquatting-e252e6a2f99e
New Anubi Ransomware in the wild
https://www.bleepingcomputer.com/news/security/new-anubi-ransomware-in-the-wild/
Android DoubleLocker Ransomware: pressing the Home button is enough to activate it, scared yet? (changes the PIN, encrypts files)
https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
Disassembler and Runtime Analysis (the modifications that IDA Pro did not detect)
http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
New x1881 CryptoMix Ransomware variant released
https://www.bleepingcomputer.com/news/security/new-x1881-cryptomix-ransomware-variant-released/
Exploding Git Repositories
https://kate.io/blog/git-bomb/
A large collection of security incident response tools
https://github.com/meirwah/awesome-incident-response/blob/master/README_ch.md
Leaking Amazon.com CSRF Tokens Using Service Worker API
https://ahussam.me/Amazon-leaking-csrf-token-using-service-worker/
Injects C# EXE or DLL Assembly into every CLR runtime and AppDomain of another process.
https://github.com/jonatan1024/clrinject
HSTS (HTTP Strict Transport Security): practical answers