2017年12月第二周舆情周报

2017-12-19 来源:原创 作者:腾讯反病毒实验室
【文章摘要】2017年12月第二周舆情周报:安卓恶意软件,新敲诈样本,重大漏洞,其他安全事件等

Satori僵尸网络能够随时发起瘫痪攻击

https://www.scmagazine.com/satori-botnet-able-to-launch-crippling-attacks-at-any-time/article/712869/

StrongPity2间谍软件取代了MitM系列中的FinFisher

https://www.welivesecurity.com/2017/12/08/strongpity-like-spyware-replaces-finfisher/

新的勒索软件称为文件蜘蛛。 使用两个组件,一个加密程序(enc.exe)和一个解密程序(dec.exe

https://twitter.com/LawrenceAbrams/status/939961981158686722 

Emotet Downloader木马恢复生效

https://securingtomorrow.mcafee.com/mcafee-labs/emotet-downloader-trojan-returns-in-force/#sf175737450

QNX Qnet特权提升的漏洞

https://www.midnightbluelabs.com/blog/2017/12/8/elevation-of-privilege-vulnerability-in-qnx-qnet

随着价格越来越高,比特币钱包的网络钓鱼攻击越来越严重

https://www.bleepingcomputer.com/news/security/phishing-attacks-on-bitcoin-wallets-intensify-as-price-goes-higher-and-higher/

RSA认证SDK中被曝两个严重漏洞

http://www.freebuf.com/news/156369.html

高危Android漏洞绕过签名检测机制,篡改替换App

http://www.freebuf.com/vuls/156821.html 

moneytaker组:IB组发现了一个网络团伙在美国和俄罗斯攻击银行

http://securityaffairs.co/wordpress/66591/cyber-crime/moneytaker-group.html

机器人攻击:RSA TLS加密攻击对FacebookPayPal和数以百计的顶级域名起作用

http://securityaffairs.co/wordpress/66682/hacking/robot-attack.html

Cryptojackers挖矿软件在星巴克WiFi网络上发现

https://www.bleepingcomputer.com/news/security/cryptojackers-found-on-starbucks-wifi-network-github-pirate-streaming-sites/

Cryptomix Ransomware变种出现

https://www.bleepingcomputer.com/news/security/work-cryptomix-ransomware-variant-released/

Google Researcher发布iOS 11越狱漏洞

http://www.securityweek.com/google-researcher-releases-ios-11-jailbreak-exploit

超过1900万的加利福尼亚居民存放在不安全的MongoDB,选民登记资料已被删除,勒索赎金

http://securityaffairs.co/wordpress/66792/cyber-crime/voter-mongodb-ransom-attack.html

银行员工因帮助Dridex恶意软件而被判入狱

https://www.bleepingcomputer.com/news/security/bank-employee-gets-prison-time-for-helping-dridex-malware-gang/

研究人员:伊朗用“海神”恶意软件到目标沙乌地阿拉伯

http://www.securityweek.com/iran-used-triton-malware-target-saudi-arabia-researchers

Vigilante公司在两年内未能完成Netgear网站的恶意软件清除工作

https://www.bleepingcomputer.com/news/security/vigilante-removes-malware-from-netgear-site-after-company-fails-to-do-so-for-2-years/

Windows预装密码管理器可能会有密码泄漏风险

http://securityaffairs.co/wordpress/66802/hacking/keeper-password-manager-flaw.html

黑客以能源机构为目标意欲挖矿

https://www.raconteur.net/technology/hackers-are-after-processing-power-to-get-valuable-bitcoins

"Zealot" 利用NSA的漏洞工具在WindowsLinux服务器上对Monero的攻击

https://www.bleepingcomputer.com/news/security/-zealot-campaign-uses-nsa-exploits-to-mine-monero-on-windows-and-linux-servers/

恶意软件禁用佐治亚州农业部网站

http://www.myajc.com/news/state--regional-govt--politics/malware-disables-georgia-agriculture-department-website/97bicqeIIfhlWcwRZEuwiP/

俄罗斯输油管道巨头TransneftMonero加密货币矿工感染

http://securityaffairs.co/wordpress/66813/cyber-crime/transneft-monero-cryptocurrency-miner.html

电脑管家V12.11

4大安全能力再升级

详情>>

版本更新:2018.1.15