资讯类

Spectre/Meltdown补丁对SolarWinds的AWS基础架构有重大影响

http://securityaffairs.co/wordpress/67767/security/meltdown-patches-aws-impact.html

报告指出OnePlus网站的支付系统被盗取信用卡详情

https://thehackernews.com/2018/01/oneplus-credit-card.html

新的KillDisk变种的目标是拉美金融机构的Windows设备

http://securityaffairs.co/wordpress/67780/breaking-news/windows-killdisk-wiper-latam.html

RubyMiner恶意软件将攻击Linux和Windows服务器

https://www.bleepingcomputer.com/news/security/linux-and-windows-servers-targeted-with-rubyminer-malware/

十二月份最受欢迎的恶意软件：加密矿工影响全球55％的企业

https://blog.checkpoint.com/2018/01/15/decembers-wanted-malware-crypto-miners-affect-55-businesses-worldwide/

技术类

Cookies:我应该担心吗?

https://blog.malwarebytes.com/101/2018/01/cookies-should-i-worry-about-them/

如何保护iOS用户数据：密码和生物识别 – Face ID或Touch ID

https://www.raywenderlich.com/179924/secure-ios-user-data-keychain-biometrics-face-id-touch-id

OWASP ZSC – 混淆代码生成器工具

https://www.darknet.org.uk/2018/01/owasp-zsc-obfuscated-code-generator-tool/

Slui File Handler Hijack LPE

https://bytecode77.com/hacking/exploits/uac-bypass/slui-file-handler-hijack-privilege-escalation

BitTorrent用户注意：漏洞将让黑客控制你的电脑

https://arstechnica.com/information-technology/2018/01/bittorrent-users-beware-flaw-lets-hackers-control-your-computer/

在野处理SYN包

https://blog.cloudflare.com/syn-packet-handling-in-the-wild/

Gobuster v1.4.1

https://github.com/OJ/gobuster