资讯类

俄罗斯黑客利用Telegram Zero-Day漏洞传播恶意软件

Hackers in the Russian underground exploited a Telegram Zero-Day vulnerability to deliver malware

Zero-day vulnerability in Telegram

https://www.bleepingcomputer.com/news/security/telegram-0-day-used-to-spread-monero-and-zcash-mining-malware/

https://thehackernews.com/2018/02/hackers-exploit-telegram-messenger-zero.html

2018年2月安全补丁更新回顾

https://www.zerodayinitiative.com/blog/2018/2/13/the-february-2018-security-update-review

微软2月份修复了50个安全漏洞

https://www.bleepingcomputer.com/news/microsoft/microsoft-february-patch-tuesday-fixes-50-security-issues/

在19个Google Play应用中发现的JavaScript加密脚本

https://www.bleepingcomputer.com/news/security/javascript-cryptomining-scripts-discovered-in-19-google-play-apps/

技术类

Docker 微服务教程

http://www.ruanyifeng.com/blog/2018/02/docker-wordpress-tutorial.html

加载“无文件”共享对象

https://x-c3ll.github.io/posts/fileless-memfd_create/

基于Kotlin的恶意应用程序在谷歌应用市场传播

https://blog.malwarebytes.com/cybercrime/mobile/2018/02/mobile-menace-monday-first-kotlin-developed-malicious-app/

Zombie Processes are Eating your Memory

https://randomascii.wordpress.com/2018/02/11/zombie-processes-are-eating-your-memory/

JavaScript AntiDebugging技巧

https://x-c3ll.github.io/posts/javascript-antidebugging/

针对Windows PXE启动映像的攻击

https://blog.netspi.com/attacks-against-windows-pxe-boot-images/

在线跟踪：伦敦，巴黎，纽约

http://www.darkport.co.uk/online-stalking-london-paris-new-york/

窃取SSH凭证的另一种方法

https://mthbernardes.github.io/persistence/2018/02/10/stealing-ssh-credentials-another-approach.html

利用DoublePulsar和DanderSpritz第二部分

https://blogs.forcepoint.com/security-labs/evasions-used-shadow-brokers-tools-danderspritz-and-doublepulsar-part-2-2

Vshadow应用

Vshadow: Abusing the Volume Shadow Service for Evasion, Persistence, and Active Directory Database Extraction