今日威胁情报2021/1/4-5(第336期)

  • A+
所属分类:安全新闻

今日威胁情报2021/1/4-5(第336期)

TI.360.CN


高级威胁分析
今日威胁情报2021/1/4-5(第336期)


1、China cyber attacks: the current threat landscape

https://www.ironnet.com/blog/china-cyber-attacks-the-current-threat-landscape


2、疑似某特马再曝光分析

https://nao-sec.org/2021/01/royal-road-redive.html

相关IOC:

https://docs.google.com/spreadsheets/d/1lDzylI6Jymz7EE0agRVUsL3kwmJSRDjXYjr5l5MUOEk/edit#gid=127522608


3、APT27 Turns to Ransomware

https://www.bleepingcomputer.com/news/security/chinas-apt-hackers-move-to-ransomware-attacks/

https://medium.com/proferosec-osm/apt27-turns-to-ransomware-77aaba41ef1e

https://shared-public-reports.s3-eu-west-1.amazonaws.com/APT27+turns+to+ransomware.pdf


4、攻击者使用WiFi AP MAC地址(也称为BSSID)作为对受感染主机进行地理定位的方法,利用WiFi BSSID来识别受害者。(XX手段)

https://www.zdnet.com/article/malware-uses-wifi-bssid-for-victim-identification/

https://isc.sans.edu/diary/rss/26910


技术分享
今日威胁情报2021/1/4-5(第336期)


1、Dridex银行木马恶意软件分析,该恶意软件变迁说明。

今日威胁情报2021/1/4-5(第336期)

https://research.checkpoint.com/2021/stopping-serial-killer-catching-the-next-strike/


2、威胁情报分析,利用PDNS分析SUNBURST攻击受害者

今日威胁情报2021/1/4-5(第336期)

https://www.netresec.com/?page=Blog&month=2021-01&post=Finding-Targeted-SUNBURST-Victims-with-pDNS


3、CobaltStrike-Defence合集。

https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence


4、绕过google 音频验证码

https://github.com/NikolaiT/uncaptcha3


漏洞相关
今日威胁情报2021/1/4-5(第336期)


1、Zend Framework远程执行代码漏洞,CVE-2021-3007

https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md


数据泄露
今日威胁情报2021/1/4-5(第336期)


1、疑似2亿公民数据泄露

今日威胁情报2021/1/4-5(第336期)

https://cybleinc.com/2021/01/03/200-million-records-of-chinese-citizens-for-sale-on-the-darkweb/


2、TOP25游戏公司将近100万个与邮箱相关的账号被窃取销售。

https://ke-la.com/darknet-threat-actors-are-not-playing-games-with-the-gaming-industry/


3、印度新冠检测患者数据泄露

https://www.bleepingcomputer.com/news/security/indian-government-sites-leaking-patient-covid-19-test-results/


网络战与网络情报
今日威胁情报2021/1/4-5(第336期)


1、美国和美国的狗腿子们要网络清洁,针对兔子,真特娘的搞笑。

https://www.state.gov/the-clean-network/


2、欧盟对于网络地缘政治的看法

今日威胁情报2021/1/4-5(第336期)

https://www.agendadigitale.eu/sicurezza/cyber-geopolitica-lue-cambia-approccio-tutti-i-tasselli-della-nuova-strategia/


3、2021年可能面临的网络威胁

https://www.helpnetsecurity.com/2021/01/05/2021-risk-areas/


4、真假不知道,感觉像是假的。5G配合疫苗植入……(电吉他效果踏板图?)

今日威胁情报2021/1/4-5(第336期)

https://cdm.link/2021/01/conspiracy-theorists-claim-this-5g-chip-circuit-will-be-in-vaccine-but-its-a-boss-guitar-pedal/


今日威胁情报2021/1/4-5(第336期)

今日威胁情报2021/1/4-5(第336期)

本文始发于微信公众号(ThreatPage全球威胁情报):今日威胁情报2021/1/4-5(第336期)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: