2018年3月第3周舆情周报

GandCrab Ransomware骗子采取敏捷开发方法

https://threatpost.com/gandcrab-ransomware-crooks-take-agile-development-approach/130490/

亚洲是2017软件勒索最泛滥的区域

https://www.bleepingcomputer.com/news/security/geographical-region-with-the-most-ransomware-encounters-in-2017-was-asia/

Intel发布新的幽灵芯片补丁

https://www.neorhino.com/2018/03/12/intel-releases-new-patch-for-spectre-chip-issue/

网络犯罪分子在GitHub上发现隐藏加密货币挖掘恶意软件

https://www.zdnet.com/article/cybercriminals-spotted-hiding-cryptocurrency-mining-malware-in-forked-projects-on-github/#ftag=RSSbaffb68

McAfee实验室2018.3威胁报告

https://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2018.pdf#sf184689831

40w恶意软件爆发是由于俄罗斯Torrenting客户端后门导致的

https://www.bleepingcomputer.com/news/security/400k-malware-outbreak-caused-by-backdoored-russian-torrenting-client/

Qrypter RAT打击全球数百家组织

https://www.securityweek.com/qrypter-rat-hits-hundreds-organizations-worldwide

13万多美国公民个人信息数据泄露 纽约一家医院服务器遭入侵

https://toutiao.secjia.com/ny-hospital-databreach

Adobe Flash Player漏洞工具包

https://malwarebattle.blogspot.com/2018/03/recent-adobe-flash-player-vulnerability.html

AMD漏洞被公开,Linux之父愤怒回应

https://www.easyaq.com/news/786297762.shtml

中国黑客组织APT15涉嫌向英国政府服务商发动网络攻击

https://3g.163.com/dy/article/DCRQRLO105128DFG.html

微软补丁日发布修复74个安全问题

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-patch-tuesday-fixes-74-security-issues/

微软移除win 10 用户的反病毒注册表

https://www.bleepingcomputer.com/news/security/microsoft-removes-antivirus-registry-key-check-for-windows-10-users/

credSSP 漏洞影响RDP 和 winRM

https://www.bleepingcomputer.com/news/security/credssp-vulnerability-affects-rdp-and-winrm-on-all-windows-versions/

29种不同类型的USB攻击

https://www.bleepingcomputer.com/news/security/heres-a-list-of-29-different-types-of-usb-attacks/

FireEye 发布报告关于伊朗鱼叉钓鱼组织的一些更新信息

https://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html

talos 发布关于gozi的报告

https://blog.talosintelligence.com/2018/03/gozi-isfb-remains-active-in-2018.html

CCleaner供应链攻击中发现的中国APT后门

https://www.darkreading.com/endpoint/privacy/chinese-apt-backdoor-found-in-ccleaner-supply-chain-attack/d/d-id/1331250?_mc=sm_dr&hootPostID=c40b2c94125d19aa9e2b6366ddde0420

与中国有联系的APT15利用新的后门攻击英国政府的服务提供商

https://securityaffairs.co/wordpress/70140/hacking/apt15-uk-gov-contractor.html

色域僵尸网络占据互联网垃圾邮件的97％

https://www.bleepingcomputer.com/news/security/necurs-and-gamut-botnets-account-for-97-percent-of-the-internets-spam-emails/

McAfee报告称恶意软件在医疗保健，无文件恶意软件和加密货币挖掘攻击方面激增

https://venturebeat.com/2018/03/11/mcafee-reports-surge-in-healthcare-fileless-malware-and-cryptocurrency-mining-attacks/

首例利用CVE-2017-8464漏洞挖矿事件：打开U盘即中招

https://www.freebuf.com/column/164908.html

绿盟科技网络安全威胁周报2018.10 Exim缓冲区溢出漏洞CVE-2018-6789

https://toutiao.secjia.com/nsfocus-internet-security-threats-weekly-201810

隐藏六年的强大恶意软件通过路由器传播

https://arstechnica.com/information-technology/2018/03/potent-malware-that-hid-for-six-years-spread-through-routers/