3月14日安全热点 – AMD Ryzen和EPYC处理器中发现13个严重漏洞

 

资讯类

远程桌面协议中的CredSSP漏洞影响所有版本的Windows

https://thehackernews.com/2018/03/credssp-rdp-exploit.html

 

在AMD Ryzen和EPYC处理器中发现了13个严重漏洞

https://thehackernews.com/2018/03/amd-processor-vulnerabilities.html

 

立即更新Samba服务器以修补密码重置和DoS漏洞

https://thehackernews.com/2018/03/samba-server-vulnerability.html

 

微软发布2018年3月安全公告

https://www.bleepingcomputer.com/news/microsoft/microsoft-march-patch-tuesday-fixes-74-security-issues/

http://blog.talosintelligence.com/2018/03/ms-tuesday.html

 

29种不同类型的USB攻击

https://www.bleepingcomputer.com/news/security/heres-a-list-of-29-different-types-of-usb-attacks/

 

 

技术类

海莲花使用老技巧分发新的后门程序

https://www.welivesecurity.com/wp-content/uploads/2018/03/ESET_OceanLotus.pdf

 

了解针对所有版本Android的Cloak&Dagger攻击：概述和教程
http://resources.infosecinstitute.com/understanding-cloak-dagger-attack-overview-tutorial/

 

伊朗威胁组更新钓鱼攻击战术，技术和程序

https://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html

 

解析.DS_Store文件格式

https://0day.work/parsing-the-ds_store-file-format/

 

Kubernetes hack分析

https://medium.com/handy-tech/analysis-of-a-kubernetes-hack-backdooring-through-kubelet-823be5c3d67c

 

利用性能计数器检测利用meltdown和spectre的攻击

https://blog.trendmicro.com/trendlabs-security-intelligence/detecting-attacks-that-exploit-meltdown-and-spectre-with-performance-counters/

 

钓鱼网站：扩展代理

https://medium.com/@cooperthecoder/go-phishing-extending-the-proxy-31775a1d7287

 

radare2教程——逆向自修改二进制文件

https://www.megabeets.net/reversing-a-self-modifying-binary-with-radare2/

 

针对Weblogic测试的一些小总结

http://www.91ri.org/17656.html

 

JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks

http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_07A-3_Schwarz_paper.pdf

 

Visual Basic GUI：通过X11转发的会话在SSH客户端上注入击键的工具

https://github.com/xfee/vbg