2月1日每日安全热点 - Perl.com域名被劫持

Inspired by 360CERT

恶意软件 Malware

Pro-Ocean将ActiveMQ、Weblogic及Redis等作为目标

https://www.bleepingcomputer.com/news/security/new-pro-ocean-malware-worms-through-apache-oracle-redis-servers/

 

安全研究 Security Research

Vovalex成首个D语言恶意软件

https://www.bleepingcomputer.com/news/security/vovalex-is-likely-the-first-ransomware-written-in-d/

 

EDR绕过研究

https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/

 

机器学习与SQL注入

https://portswigger.net/daily-swig/machine-learning-offers-fresh-approach-to-tackling-sql-injection-vulnerabilities

 

重定向与XSLeaks

https://docs.google.com/presentation/d/1rlnxXUYHY9CHgCMckZsCGH4VopLo4DYMvAcOltma0og/

 

安全资讯 Security Information

Fonix勒索软件停运并公开密钥

https://www.bleepingcomputer.com/news/security/fonix-ransomware-shuts-down-and-releases-master-decryption-key/

 

安全报告 Security Report

安全人员对警方推送的Emotet模块进行了分析

https://www.bleepingcomputer.com/news/security/heres-how-law-enforcements-emotet-malware-module-works/

 

安全事件 Security Incident

思科Spamcop在域过期后服务中断

https://www.bleepingcomputer.com/news/security/spamcop-anti-spam-service-suffers-an-outage-after-its-domain-expired/

 

Google搜索被利用作技术支持诈骗活动

https://www.bleepingcomputer.com/news/security/beware-malicious-home-depot-ad-gets-top-spot-in-google-search/

 

英国研究创新局遭勒索软件攻击

https://www.bleepingcomputer.com/news/security/uk-research-and-innovation-ukri-suffers-ransomware-attack/

 

Perl.com域名被劫持

https://www.bleepingcomputer.com/news/security/perlcom-domain-stolen-now-using-ip-address-tied-to-malware/

 

安全客 Security Geek

基于智能手机的近源渗透测试案例分享（二）

https://www.anquanke.com/post/id/230001