Skip to content

Latest commit

 

History

History
128 lines (47 loc) · 4.54 KB

12月19日安全热点 - Windows危险漏洞_安卓挖矿软件.md

File metadata and controls

128 lines (47 loc) · 4.54 KB

原文链接: https://www.anquanke.com//post/id/91252

12月19日安全热点 - Windows危险漏洞/安卓挖矿软件

                            阅读量   
                            **85101**
                        
                    |
                    
                                                        评论
                            <b>
                                <a target="_blank">3</a>
                            </b>

资讯类

安卓恶意软件已经足以破坏掉你的手机!长期挖矿会导致手机硬件损坏!

https://www.bleepingcomputer.com/news/security/android-malware-will-destroy-your-phone-no-ifs-and-buts-about-it/

Uber的律师恐怕与假期无缘,近期指控不断

https://www.theregister.co.uk/2017/12/19/alleged_uber_black_ops_lawyer_subpoena/

美国就WannaCry事件指责朝鲜

https://uk.reuters.com/article/uk-usa-cyber-northkorea/u-s-blames-north-korea-for-wannacry-cyber-attack

技术类

数据泄露缓解与修复 Part 1

https://www.troyhunt.com/fixing-data-breaches-part-1-education/

Frameset与NTLM哈希

https://pentestlab.blog/2017/12/18/microsoft-office-ntlm-hashes-via-frameset/

CVE-2017-17562:远程LD_PRELOAD利用 影响Gohead Web服务器

https://www.elttam.com.au/blog/goahead/

一种模拟进程的新方式

https://hshrzd.wordpress.com/2017/12/18/process-doppelganging-a-new-way-to-impersonate-a-process/

人肉计算比特币,每天0.67哈希值

http://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html

黑客通过Google Adwords和Google平台传播恶意软件

https://www.hackread.com/hackers-using-google-adwords-google-sites-to-spread-malware/

利用HackerTarget中的SSRF

http://www.sxcurity.pro/2017/12/17/hackertarget/

不同DNS安全过滤器之间的比较差异

https://medium.com/@nykolas.z/dns-security-filters-compared-quad9-x-opendns-x-comodo-secure-x-norton-connectsafe-x-yandex-safe-a00ace3bf21f

Project Zero:通过网络中的WPAD/PAC和JScript渗透Windows 10

https://googleprojectzero.blogspot.com/2017/12/apacolypse-now-exploiting-windows-10-in_18.html

伪造WordPress更新以实施攻击

https://core.trac.wordpress.org/ticket/39309#comment:21

枚举本地IPv6网络地址

https://secdevops.ai/theres-no-place-like-1-enumerating-local-ipv6-networks-88a6247e3519

Adobe Reader整数溢出漏洞

https://www.zerodayinitiative.com/blog/2017/12/18/reading-backwards-controlling-an-integer-underflow-in-adobe-reader

Web应用漏洞与NTLM哈希窃取

https://blog.blazeinfosec.com/leveraging-web-application-vulnerabilities-to-steal-ntlm-hashes-2/

黑客与卡车不得不说的故事

https://cdllife.com/2017/eld-security-threats-can-trucks-mass-hacked-physically-crash-via-elds/