3月3日安全热点 - CannibalRAT木马/针对以太坊的Eclipse攻击

360安全客 安全知识 137217 4

 

CannibalRAT——完全用python编写的新型木马

来自思科Talos的安全研究人员发现了一种名为CannibalRAT的新型远程访问木马(RAT) ,该软件完全由Python编写。

CannibalRAT, a RAT entirely written in Python observed in targeted attacks

 

广告网络规避拦截器劫持浏览器进行挖矿

http://www.zdnet.com/article/ad-network-circumvents-blockers-for-browser-cryptojacking/

 

在超过40种低价智能手机中发现银行木马

https://www.bleepingcomputer.com/news/security/banking-trojan-found-in-over-40-models-of-low-cost-android-smartphones/

 

针对以太坊网络的Eclipse攻击

https://www.bleepingcomputer.com/news/cryptocurrency/eclipse-attack-plugged-in-ethereum-network/

 

一些Memcached DDoS攻击者试图勒索门罗币

https://www.bleepingcomputer.com/news/security/some-memcached-ddos-attackers-are-asking-for-a-ransom-demand-in-monero/

 

一周勒索软件回顾 – 2018年3月2日 – GandCrab Decrypted,RaaS等等

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-2nd-2018-gandcrab-decrypted-raas-and-more/

 

我需要第三方安全审计吗?

https://www.bleepingcomputer.com/editorial/security/do-i-need-a-third-party-security-audit/

 

技术类

FLASH 0day(CVE-2018-4878)从POC到利用

https://paper.seebug.org/536/

 

Python大法之从火车余票查询到打造抢Supreme神器

https://bbs.ichunqiu.com/thread-34102-1-1.html?from=sec

 

SQL注入

Explained: SQL injection

 

如何清除Windows中的RDP连接历史记录

http://woshub.com/how-to-clear-rdp-connections-history/

 

TestLink开源测试管理(<= 1.9.16)通过Manish远程执行代码(error1046)

https://github.com/incredibleindishell/exploit-code-by-me/tree/master/TestLink%20-below%201.9.17-%20Remote%20Code%20Execution

 

Shellen——交互式shellcoding环境可以轻松地制作shellcode

https://github.com/merrychap/shellen

 

针对没有KTRR的iOS 10.x 64bit设备越狱

https://github.com/tihmstar/doubleH3lix

(完)