Weekly Threat Intelligence News Roundup (20181229)

Vulnerabilities

  1. Orange Livebox ADSL modems allow remote unauthenticated users to obtain the device's SSID and WiFi password https://badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials/
  2. Information disclosure vulnerability CVE-2018-7900 in a Huawei device https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f
  3. A kernel buffer overflow vulnerability on Apple Mac https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/kernel-buffer-overflow-in-trusteer-rapport-for-macos/
  4. SQL injection in EVLink parking system charging stations https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-354-01-EVLink.pdf&p_Doc_Ref=SEVD-2018-354-01

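Malicious threat activity

  1. Tencent Yujian Threat Intelligence Center: weak-password brute forcing of SQL Server servers, with the Anyun (Dark Cloud), Mykings and Mirai malware families attacking together https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247487734&idx=1&sn=b178e806fd46a8f27aa72aeda12e27a4
  2. After a Shamoon3 sample was uploaded to VT from Italy, this time one was uploaded to VT from France. https://www.anomali.com/blog/destructive-shamoon-malware-continues-its-return-with-a-new-anti-american-message For the past and present of Shamoon, see http://www.threatpage.com/?p=709
  3. The Tesla and XpertRAT malware team up: the Scumbag Combo campaign. https://blog.k7computing.com/?p=15672
  4. Watch out for mobile and IoT threats during the holidays. https://www.fortinet.com/blog/industry-trends/watching-out-for-iot-and-mobile-threats-during-the-holidays.html
  5. Attacks targeting the financial sector in the US and the UK https://www.menlosecurity.com/blog/a-jar-full-of-problems-for-financial-services-companies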

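Technical analysis

  1. 360: analysis of the infrastructure update of the "Shuangqiang" (Double Gun) trojan and its corresponding propagation methods https://www.anquanke.com/post/id/168866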

Good technical reads

  1. Ideas and techniques distilled from APT-related activity https://mp.weixin.qq.com/s/Ni3dscLJBrVsW5jR5OySdA
  2. UNIT42 report on web threat analysis https://unit42.paloaltonetworks.com/web-based-threats-2018-q3-malicious-urls-and-domains-take-a-dip/

 
