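[Article summary] Tencent Anti-Virus Lab weekly roundup: a week's review of trending news on extortion and ransomware, attack incidents, attack methods, and more
Extortion and Ransomware
1. Ransomware LockRandom releases new variant ykcol
https://threatpost.com/locky-gets-updated-to-ykcol-part-of-rapid-fire-spam-campaigns/128412/
2. ESET researchers discover the first ransomware to abuse Android accessibility services. On top of encrypting data, it also locks the device
https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
3. New Payday BTCware ransomware variant released
https://www.bleepingcomputer.com/news/security/new-payday-btcware-ransomware-variant-released/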
Attack Incidents
1. DDoS attacks cause train delays in Sweden
https://www.bleepingcomputer.com/news/security/ddos-attacks-cause-train-delays-across-sweden/
2. Phishing targeting the U.S. Securities and Exchange Commission infects victims with DNSMessenger malware
https://www.scmagazine.com/phishers-imitate-sec-abuse-microsoft-feature-to-distribute-dnsmessenger-malware/article/699918/
3. Rowdy, a Mirai-variant IoT malware, hits China's cable TV networks
https://toutiao.secjia.com/rowdy-attack-ott
4. ASD reveals that hackers stole 30 GB of sensitive data on Australia's military capabilities
https://securityaffairs.co/wordpress/64204/data-breach/asd-military-capabilities-databreach.html
5. Equifax website redirected users to adware and scam sites
https://www.bleepingcomputer.com/news/security/equifax-website-redirected-users-to-adware-scam-sites/?
6. New Trickbot trojan has spread to more than 40 countries worldwide
https://koddos.net/blog/new-trickbot-spreads-40-countries/?utm_source=Sociallymap&utm_medium=Sociallymap&utm_campaign=Sociallymap
7. Ukrainian police warn of a new large-scale NotPetya-style cyberattack
https://thehackernews.com/2017/10/ukraine-notpetya-cyberattack.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
8. PDF phishing targets French nationals
https://blog.fortinet.com/2017/10/12/pdf-phishing-leads-to-nanocore-rat-targets-french-nationals
9. Subaru car vulnerability: remote intrusion source code
https://www.bleepingcomputer.com/news/security/unpatched-exploit-lets-you-clone-key-fobs-and-open-subaru-cars/
Attack Methods
1. Banking trojan uses VMware to spread
https://www.freebuf.com/news/150393.html
2. Phishers imitate the SEC and abuse a Microsoft feature to distribute DNSMessenger malware
https://www.scmagazine.com/phishers-imitate-sec-abuse-microsoft-feature-to-distribute-dnsmessenger-malware/article/699918/
3. Security vulnerabilities that insecure Nginx configuration can cause
https://www.freebuf.com/articles/web/149761.html
4. CNNVD bulletin on the Microsoft Windows SMB Server remote code execution vulnerability
https://www.freebuf.com/news/150383.html
5. KovCoreG is using fake browser and Flash updates to spread malware
https://www.freebuf.com/news/150170.html
6. Apple ID password phishing software appears
https://thehackernews.com/2017/10/apple-id-password-hacking.html
7. ATMii malware can make ATMs running Windows 7 and Vista dispense cash
https://www.bleepingcomputer.com/news/security/atmii-malware-makes-windows-7-and-windows-vista-atms-spit-out-cash/