一个人的闲言碎语

dr0v

blog.drov.com.cn
一个人碎碎念。
About Me
A lazy security employee.

2019年4月23日星期二

- 4.16 [黑客 Gnosticplayers 兜售第五批数据:总涉44家企业近10亿用户记录](http://hackernews.cc/archives/25259)
- 4.16 [登录注册攻与防](https://www.secpulse.com/archives/104091.html)
- 4.17 [浅析基于人格特征的内部高风险用户识别方法](https://www.freebuf.com/articles/network/200564.html)
- 4.18 [CNCERT发布《2018年我国互联网网络安全态势报告》](https://www.freebuf.com/articles/network/201280.html)
- 4.18 [一些知名中國 app 因涉嫌大規模廣告詐騙而被 Google 下架](https://chinese.engadget.com/2019/04/18/google-pulls-android-apps-ad-fraud/)
- 4.19 [门罗币挖矿&远控木马样本分析](https://www.freebuf.com/articles/system/200875.html)
- 4.19 [新型Anatova恶意软件分析](https://www.freebuf.com/articles/database/199895.html)
- 4.19 [国家安全机关公布境外网络攻击窃密案件](https://www.anquanke.com/post/id/176944)
- 4.22 [Bilibili 源代码泄漏](https://www.solidot.org/story?sid=60351)
- 4.22 [APT34攻击全本分析](http://www.ijiandao.com/2b/baijia/245780.html)

	- 4.19 [黑客在 Telegram 上出售伊朗间谍部队 APT34 的黑客工具源代码](http://hackernews.cc/archives/25286)
	
	- 4.19 [黑客泄露APT 34组织工具、成员信息,扬言更多秘密将持续曝光](https://www.freebuf.com/news/201501.html)

- 4.22 [DNS劫持欺骗病毒“自杀”](https://www.freebuf.com/articles/system/201032.html)
- 4.23 [Targeted Attacks hit multiple embassies with Trojanized TeamViewer](https://securityaffairs.co/wordpress/84367/hacking/trojanized-teamviewer-hit-embassies.html)
- 4.23 [起底童星培训骗局:千亿级的“黑金”产业链,到底有多赚?](http://www.ijiandao.com/2b/baijia/246470.html)

2019年4月15日星期一

- 4.8 [GandCrab5.2勒索病毒伪装国家机关发送钓鱼邮件进行攻击](https://www.freebuf.com/articles/system/200070.html)
- 4.9 [苹果企业证书再爆丑闻 间谍软件窃取用户隐私信息](http://hackernews.cc/archives/25210)
- 4.10 [“银行提款机”变种病毒分析报告](https://www.freebuf.com/articles/paper/200284.html)
- 4.10 [火眼推出 Windows 免费渗透测试套件,包含140多款工具](https://www.freebuf.com/sectool/200524.html)
- 4.10 [流行开发工具 bootstrap-sass 被修改植入后门](https://www.solidot.org/story?sid=60184)
- 4.15 [FuzzScanner:信息搜集开源小工具](https://www.freebuf.com/sectool/200344.html)
- 4.15 [使用HTML注入进行信息泄露](https://www.anquanke.com/post/id/176565)
- 4.15 [数据分析与可视化:谁是安全圈的吃鸡第一人](https://www.freebuf.com/articles/web/199925.html)

2019年4月8日星期一

- 4.2 [学习手册:窥探Web前端黑客技术](http://blog.nsfocus.net/spying-web-front-end-hacking-techniques/)
- 4.2 [“铝”巨人遭勒索病毒攻击,工业互联时代如何保障网络安全](http://blog.nsfocus.net/how-to-guarantee-network-security-in-the-age-of-industrial-interconnecti/)
- 4.3 [KBuster:以伪造韩国银行APP的韩国黑产活动披露](https://www.freebuf.com/articles/terminal/199175.html)
- 4.3 [伊拉克电信公司遭到MuddyWater组织定向攻击](https://www.freebuf.com/articles/network/199008.html)
- 4.3 [换瓶不换酒,盗号木马还在钻搜索引擎广告的空子](https://www.anquanke.com/post/id/175954)
- 4.4 [Xiaomi Vulnerability: When Security Is Not What it Seems](http://blog.checkpoint.com/2019/04/04/xiaomi-vulnerability-when-security-is-not-what-it-seems/)
- 4.5 [友讯路由器 DNS 流量遭黑客劫持](https://www.solidot.org/story?sid=60138)
- 4.5 [Chashell:基于DNS的反向Shell](https://www.freebuf.com/sectool/199406.html)
- 4.5 [2018全球网络安全图鉴](https://www.freebuf.com/articles/network/199133.html)
- 4.6 [如何使用SQLMap脚本绕过Web应用防火墙](https://www.freebuf.com/sectool/198403.html)
- 4.6 [“商贸信”病毒装成商品图片,双击就被安装商业间谍软件](https://www.freebuf.com/articles/network/199906.html)
- 4.7 [奇思妙想之用JS给图片加口令](https://www.freebuf.com/articles/web/199559.html)
- 4.7 [4月7日每日安全热点 - 湖北一公职人员泄露公民信息5万余条](https://www.anquanke.com/post/id/176043)
- 4.8 [CISO的闪电战——2年甲方安全的自我修炼](https://www.anquanke.com/post/id/176075)
- 4.8 [谁劫持了我的DNS:全球域名解析路径劫持测量与分析](https://www.inforsec.org/wp/?p=3161)