February 3 Security Highlights - Iron Tiger APT / System Cryptomix Ransomware

News

Operation PZChao: a possible return of the Iron Tiger APT

http://securityaffairs.co/wordpress/68581/apt/operation-pzchao.html

 

System Cryptomix ransomware variant released

https://www.bleepingcomputer.com/news/security/system-cryptomix-ransomware-variant-released/

 

Adobe Flash 0-day vulnerability APSA18-01

https://www.ghacks.net/2018/02/02/adobe-flash-0-day-vulnerability-apsa18-01/

 

Some discussion of ransomware

Ransomware’s difficult second album

 

Technical

GandCrab ransomware spreads via RIG and GrandSoft

https://www.anquanke.com/post/id/97243

 

In-depth analysis of the Scarab ransomware: a new variant that has changed tactics

https://www.anquanke.com/post/id/97261

 

TLS 1.3 and Forward Secrecy

https://blogs.cisco.com/security/tls-1-3-and-forward-secrecy-count-us-in-and-heres-why

 

New Mac cryptominer distributed via a MacUpdate hack

A first look at detecting PHP webshells with machine learning

https://paper.seebug.org/526/

 

Analysis of the wget buffer overflow vulnerability (CVE-2017-13089)

https://paper.seebug.org/525/

 

Instagram API vulnerability – obtaining the real username via email

https://cxsecurity.com/issue/WLB-2018020019

 

How to exploit format strings in Windows

https://osandamalith.com/2018/02/01/exploiting-format-strings-in-windows

 

Twofish Crypter with DNS (CName) password retrieval, x64 shellcode decryption, and execution

 

OSSIM distributed installation in practice

https://www.secpulse.com/archives/67514.html

 

dorkbot – Command-Line Tool For Google Dorking

https://www.darknet.org.uk/2018/02/dorkbot-command-line-tool-for-google-dorking

 

Phishing tool with Ngrok integration

https://github.com/UndeadSec/SocialFish

 

FiberHome AN5506 – unauthenticated remote DNS change

https://cxsecurity.com/issue/WLB-2018020021

 

awBruter – a thousand-times-faster password brute-force tool for one-line webshells

https://github.com/theLSA/awBruter

(End)