12月19日安全热点 - Windows危险漏洞/安卓挖矿软件

 

资讯类

安卓恶意软件已经足以破坏掉你的手机！长期挖矿会导致手机硬件损坏！

https://www.bleepingcomputer.com/news/security/android-malware-will-destroy-your-phone-no-ifs-and-buts-about-it/

 

Uber的律师恐怕与假期无缘，近期指控不断

https://www.theregister.co.uk/2017/12/19/alleged_uber_black_ops_lawyer_subpoena/

 

美国就WannaCry事件指责朝鲜

https://uk.reuters.com/article/uk-usa-cyber-northkorea/u-s-blames-north-korea-for-wannacry-cyber-attack

 

技术类

数据泄露缓解与修复 Part 1

https://www.troyhunt.com/fixing-data-breaches-part-1-education/

 

Frameset与NTLM哈希

https://pentestlab.blog/2017/12/18/microsoft-office-ntlm-hashes-via-frameset/

 

CVE-2017-17562：远程LD_PRELOAD利用 影响Gohead Web服务器

https://www.elttam.com.au/blog/goahead/

 

一种模拟进程的新方式

https://hshrzd.wordpress.com/2017/12/18/process-doppelganging-a-new-way-to-impersonate-a-process/

 

人肉计算比特币，每天0.67哈希值

http://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html

 

黑客通过Google Adwords和Google平台传播恶意软件

https://www.hackread.com/hackers-using-google-adwords-google-sites-to-spread-malware/

 

利用HackerTarget中的SSRF

http://www.sxcurity.pro/2017/12/17/hackertarget/

 

不同DNS安全过滤器之间的比较差异

https://medium.com/@nykolas.z/dns-security-filters-compared-quad9-x-opendns-x-comodo-secure-x-norton-connectsafe-x-yandex-safe-a00ace3bf21f

 

Project Zero：通过网络中的WPAD/PAC和JScript渗透Windows 10

https://googleprojectzero.blogspot.com/2017/12/apacolypse-now-exploiting-windows-10-in_18.html

 

伪造WordPress更新以实施攻击

https://core.trac.wordpress.org/ticket/39309#comment:21

 

枚举本地IPv6网络地址

https://secdevops.ai/theres-no-place-like-1-enumerating-local-ipv6-networks-88a6247e3519

 

Adobe Reader整数溢出漏洞

https://www.zerodayinitiative.com/blog/2017/12/18/reading-backwards-controlling-an-integer-underflow-in-adobe-reader

 

Web应用漏洞与NTLM哈希窃取

https://blog.blazeinfosec.com/leveraging-web-application-vulnerabilities-to-steal-ntlm-hashes-2/

 

黑客与卡车不得不说的故事

https://cdllife.com/2017/eld-security-threats-can-trucks-mass-hacked-physically-crash-via-elds/