热点概要：rubygems.org远程代码执行漏洞、一加手机的OxygenOS被指收集用户信息、朝鲜和伊朗使用CodeProject来开发恶意软件、Windows DNS客户端存在多个堆缓冲区溢出漏洞、Acunetix安全加固指南 、sqliv:批量SQL注入漏洞扫描工具、CVE-2017-11826：新的Office 0day被曝在野外利用

国内热词（以下内容部分来自：http://www.solidot.org/ ）

一加的OxygenOS会跟踪用户的所有活动

资讯类：

小而强大的ATMii能让Win 7和Vista系统的ATM机吐钞

https://www.bleepingcomputer.com/news/security/atmii-malware-makes-windows-7-and-windows-vista-atms-spit-out-cash/ 

技术类：

rubygems.org远程代码执行漏洞

https://justi.cz/security/2017/10/07/rubygems-org-rce.html 

一加手机的OxygenOS被指收集用户信息

https://www.chrisdcmoore.co.uk/post/oneplus-analytics/ 

朝鲜和伊朗使用CodeProject来开发恶意软件

http://www.intezer.com/north-korea-iran-use-codeproject-develop-malware/ 

使用Sysmon进行Threat Hunting：检测启用宏的Word文档

http://syspanda.com/index.php/2017/10/10/threat-hunting-sysmon-word-document-macro/ 

iOS隐私：steal.password – 轻松获取用户的Apple ID密码，只需要通过钓鱼的方式

https://krausefx.com/blog/ios-privacy-stealpassword-easily-get-the-users-apple-id-password-just-by-asking 

Front-running Bancor in 150 lines of Python with Ethereum API

https://hackernoon.com/front-running-bancor-in-150-lines-of-python-with-ethereum-api-d5e2bfd0d798 

使用osquery跟踪被盗的代码签名证书

https://blog.trailofbits.com/2017/10/10/tracking-a-stolen-code-signing-certificate-with-osquery/ 

Windows DNS客户端存在多个堆缓冲区溢出漏洞

https://www.bishopfox.com/blog/2017/10/a-bug-has-no-name-multiple-heap-buffer-overflows-in-the-windows-dns-client/ 

Fake Crypto: Microsoft Outlook S/MIME Cleartext Disclosure (CVE-2017-11776)

https://www.sec-consult.com/en/blog/2017/10/fake-crypto-microsoft-outlook-smime-cleartext-disclosure-cve-2017-11776/index.html 

社会工程学攻击和Whatsapp的故事

https://robertheaton.com/2016/10/22/a-tale-of-love-betrayal-social-engineering-and-whatsapp/ 

Acunetix安全加固指南 

https://www.acunetix.com/blog/docs/acunetix-security-hardening-guide/ 

微软 Office Word 无宏命令执行漏洞

https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ 

New Office 0day (CVE-2017-11826) Exploited in the Wild

http://360coresec.blogspot.com/2017/10/new-office-0day-cve-2017-11826.html 

LTR101：CloudFront域接管/劫持

https://blog.zsec.uk/subdomainhijack/ 

Metasploit Module for Tomcat JSP Upload via PUT Bypass (CVE-2017-12615)

https://www.peew.pw/blog/2017/10/9/new-vulnerability-same-old-tomcat-cve-2017-12615 

poet：一款后渗透工具

https://n0where.net/poet-simple-post-exploitation/ 

The Absurdly Underestimated Dangers of CSV Injection 

http://georgemauer.net/2017/10/07/csv-injection.html 

sqliv:批量SQL注入漏洞扫描工具

https://github.com/Hadesy2k/sqliv 

New NIST and DHS Standards Get Ready to Tackle BGP Hijacks

https://www.bleepingcomputer.com/news/technology/new-nist-and-dhs-standards-get-ready-to-tackle-bgp-hijacks/ 

Pin Visual Coverage Tool for Binary Ninja 

http://www.chokepoint.net/2017/10/pin-visual-coverage-tool-for-binary.html 

Stack  Overflow  Considered  Harmful The Impact of Copy&Paste on Android Application Security

https://arxiv.org/pdf/1710.03135.pdf 

Exploring OpenVMS from “unsecure” NFS mount on linux

https://astr0baby.wordpress.com/2017/10/09/exploring-openvms-from-unsecure-nfs-mount-on-linux/ 

FrozenCell: Multi-platform surveillance campaign against Palestinians

https://blog.lookout.com/frozencell-mobile-threat 

Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts. 

https://github.com/intezer/docker-ida 

Big Data Visual Analytics: Aperture Tiles

https://n0where.net/big-data-visual-analytics/