1月26日安全热点 - Windows，MacOS和Linux无法检测到CrossRAT

资讯类

Reddit支持双因素身份验证

http://www.zdnet.com/article/reddit-enables-two-factor-authentication/

 

华硕发布安全补丁，修复了多个路由器漏洞

https://threatpost.com/asus-patches-root-command-execution-flaws-haunting-over-a-dozen-router-models/129666/

 

受感染的Android游戏将广告软件传播给超过450万用户

https://www.bleepingcomputer.com/news/security/infected-android-games-spread-adware-to-more-than-4-5-million-users/

 

谨防！Windows，MacOS和Linux系统无法检测到CrossRAT恶意软件

https://thehackernews.com/2018/01/crossrat-malware.html

 

技术类

2017 年度安全报告——数据泄密

https://cert.360.cn/static/files/2017%E5%B9%B4%E5%BA%A6%E5%AE%89%E5%85%A8%E6%8A%A5%E5%91%8A–%E6%95%B0%E6%8D%AE%E6%B3%84%E5%AF%86.pdf

 

IoT Security Techniques Based on Machine Learning

https://arxiv.org/pdf/1801.06275.pdf

 

Malwarebytes Labs 2017恶意软件状况报告

https://blog.malwarebytes.com/malwarebytes-news/2018/01/presenting-malwarebytes-labs-2017-state-of-malware-report/

 

WINDOWS DEFENDER研究：无文件恶意软件

https://cloudblogs.microsoft.com/microsoftsecure/2018/01/24/now-you-see-me-exposing-fileless-malware

 

在Exodus钱包中利用Electron RCE

https://medium.com/@Wflki/exploiting-electron-rce-in-exodus-wallet-d9e6db13c374

 

利用自定义模板引擎

https://depthsecurity.com/blog/exploiting-custom-template-engines

 

通过比特币交易分析隐藏服务用户

https://arxiv.org/pdf/1801.07501.pdf

 

基于堆栈的x64缓冲区溢出（Windows）

Stack Based Buffer Overflows on x64 (Windows)

 

公钥密码转储在ELK

https://outflank.nl/blog/2018/01/23/public-password-dumps-in-elk

 

Java RASP浅析——以百度OpenRASP为例

https://paper.seebug.org/513/

 

利用VirtualAlloc’s write watch调试

Anti-debug with VirtualAlloc’s write watch