February 10 Security Highlights - X.509 Certificates Can Be Abused / BlackRuby Ransomware

 

X.509 certificates can be abused for data exfiltration

https://www.bleepingcomputer.com/news/security/x-509-certificates-can-be-abused-for-data-exfiltration/

 

PoS malware steals credit card data via DNS requests

UDPOS PoS malware exfiltrates credit card data DNS queries

https://www.bleepingcomputer.com/news/security/pos-malware-steals-credit-card-data-via-dns-requests/

 

Threat roundup for February 2 to February 9

http://blog.talosintelligence.com/2018/02/threat-round-up-0202-0209.html

 

Black Ruby: a new ransomware (does not attack users in Iran)

https://www.bleepingcomputer.com/news/security/black-ruby-ransomware-skips-victims-in-iran-and-adds-a-miner-for-good-measure/

 

A new MBRLocker named DexCrypt demands a payment of 30 RMB to regain access to the computer

DexCrypt lock screen

  .-'      '-.
  /            \ 
 |              |
 |,  .-.  .-.  ,|
 | )(__/  \__)( |
 |/     /\     \|
 (_     ^^     _)
  \__|IIIIII|__/
   | \IIIIII/ |
   \          /
    `yao mi ma gei 30 yuan jia qq 2055965068`

 

Technical

Red Team infrastructure

https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki

 

 

Adobe Flash exploitation, from CVE-2015-5119 to CVE-2018-4878

https://www.mdsec.co.uk/2018/02/adobe-flash-exploitation-then-and-now-from-cve-2015-5119-to-cve-2018-4878/

 

List of Alexa websites containing mining code

http://blog.netlab.360.com/the-list-of-top-alexa-websites-with-web-mining-code-embedded-on-their-homepage/

 

Catching phishing before they catch you

https://blog.0day.rocks/catching-phishing-using-certstream-97177f0d499a

 

Four successful methods of attacking biometric identification

http://www.aqniu.com/hack-geek/31540.html

 

UAF Writeup – pwnable.kr

https://www.secpulse.com/archives/68260.html

 

Bank robbers 2.0: digital thievery and stolen cryptocoins

 

Analyzing CVE-2018-6376 – Joomla!, second-order SQL injection

https://www.notsosecure.com/analyzing-cve-2018-6376/

 

osueta – exploiting the OpenSSH user enumeration timing attack

https://howucan.gr/scripts-tools/2861-osueta-exploit-the-openssh-user-enumeration-timing-attack

 

LibreOffice remote arbitrary file disclosure vulnerability

https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

 

(End)