资讯类
仅仅五天之后,世界上最大的DDoS攻击记录被打破
https://www.theregister.co.uk/2018/03/05/worlds_biggest_ddos_attack_record_broken_after_just_five_days/
https://arstechnica.com/information-technology/2018/03/us-service-provider-survives-the-biggest-recorded-ddos-in-history/
研究人员发现4G LTE协议的新缺陷
https://thehackernews.com/2018/03/4g-lte-network-hacking.html
https://www.bleepingcomputer.com/news/security/researchers-find-new-flaws-in-4g-lte-protocols/
http://www.zdnet.com/article/new-lte-attacks-eavesdrop-on-messages-track-locations-spoof-alerts/
黑客可能能够控制你的智能电视
http://www.record-bee.com/general-news/20180305/hackers-might-be-able-to-control-your-smart-tv
Mining is the new black
https://securelist.com/mining-is-the-new-black/84232/
Applebee餐厅POS机被感染
http://securityaffairs.co/wordpress/69877/data-breach/applebee-payment-card-breach.html
Pivotal的Spring Data REST中的关键漏洞允许攻击者运行构建于其组件上的应用程序的任何机器
http://securityaffairs.co/wordpress/69891/hacking/pivotals-spring-data-rest-flaw.html
技术类
关于网络钓鱼的讨论
https://www.trustedsec.com/2018/03/take-employees-phishing/
JoomScan 0.0.1
https://packetstormsecurity.com/files/146649/joomscan-0.0.1.tar.gz
从外部Active Directory获取域管理员
https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html
CloudMe Sync 1.9.2远程缓冲区溢出
https://packetstormsecurity.com/files/146644/CloudMeSync-1.9.2-Exploit.py.txt
NETGEAR – ‘TelnetEnable’Magic Packet(Metasploit)
https://www.exploit-db.com/exploits/44245/
评论