Weekly Threat Intelligence News Roundup (181110)

Vulnerabilities:

  1. DJI drone vulnerability; the Americans keep saying DJI steals data. https://research.checkpoint.com/dji-drone-vulnerability/
  2. CVE-2018-15961 (ColdFusion) is being exploited by multiple groups. https://www.volexity.com/blog/2018/11/08/active-exploitation-of-newly-patched-coldfusion-vulnerability-cve-2018-15961/
  3. Nginx vulnerabilities. http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.ht
  4. Microsoft publishes guidance for users of flawed self-encrypting SSDs. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180028
  5. SSD encryption vulnerabilities (draft paper): https://www.ru.nl/publish/pages/909275/draft-paper_1.pdf
  6. Evernote flaw allows attackers to steal files and execute commands. https://paper.seebug.org/737/

APT attacks:

  1. Persian Stalker targets apps used by Iranian users. https://blog.talosintelligence.com/2018/11/persian-stalker.html
  2. Banking trojan Metamorfo targets Brazil. https://blog.talosintelligence.com/2018/11/metamorfo-brazilian-campaigns.html
  3. Inception attacks targets in Europe, Russia and elsewhere. https://researchcenter.paloaltonetworks.com/2018/11/unit42-inception-attackers-target-europe-year-old-office-vulnerability/
  4. North Korea attacks South Korea. http://blog.alyac.co.kr/1963
  5. Outlaw tooling attacks IoT devices, with attacks aimed at the industrial control sector. https://blog.trendmicro.com/trendlabs-security-intelligence/perl-based-shellbot-looks-to-target-organizations-via-cc/
  6. Triton malware attacks on industrial systems. https://securingtomorrow.mcafee.com/mcafee-labs/triton-malware-spearheads-latest-generation-of-attacks-on-industrial-systems/

Data breaches:

  1. Data breach at Hengfeng Bank in the US. https://oag.ca.gov/system/files/Res%20102923%20PIB%20MAIN%20v3_1.pdf

Threat intelligence analysis:

  1. Analysis of the origins of the samples used by the Lazarus APT group. https://www.intezer.com/paleontology-the-unknown-origins-of-lazarus-malware/
  2. Analysis of a targeted attack, suspected to be by the "Group 123" APT gang, using an undisclosed vulnerability in HWP software. https://ti.360.net/blog/articles/analysis-of-group123-sample-with-hwp-exploitkit/

Other threats and attacks:

  1. Spear-phishing campaign targeting Exodus Mac users. https://labsblog.f-secure.com/2018/11/02/spam-campaign-targets-exodus-mac-users/
  2. Analysis of a GandCrab ransomware incident. https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247485468&idx=1&sn=af8d3b1670862f78843a79d75465bce3&chksm=ea65ff6bdd12767dee14c078ecc8d307a1f25fe015c54b7cfcd9c2dedba91651f9645d467893&mpshare=1&scene=1&srcid=1106e4NgVyQiXxrlAZLpJR6E&pass_ticket=VpGtnIDyn8o3%2Bsrs9XDXzpmz8ZBx0zRrpMu1DWoEKCo%3D#rd
  3. Activity report on the "抓鸡狂魔" (bot-herding) malware gang. https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247486825&idx=1&sn=6ad042f4036ae63e567c439e04d301d3&chksm=ec9cd41adbeb5d0c2b450774e6d57df8f71e8bd41e823bc1c515e641ef29ae2d062cd5e6c971&mpshare=1&scene=1&srcid=1108osc8Pk21L5XYg3TBHn1w&pass_ticket=VpGtnIDyn8o3%2Bsrs9XDXzpmz8ZBx0zRrpMu1DWoEKCo%3D#rd
  4. Kaspersky publishes on the underground economy (what your data is worth). https://securelist.com/hey-there-how-much-are-you-worth/88691/

Other

  1. US Cyber Command shares malware samples on VirusTotal: https://www.virustotal.com/en/user/CYBERCOM_Malware_Alert/ and https://twitter.com/CNMF_VirusAlert
  2. US Air Force bug bounty program. https://hackerone.com/htaf3

Suggestions are welcome, guys!
