安全周事记(20190408)

- 4.2 [学习手册：窥探Web前端黑客技术](http://blog.nsfocus.net/spying-web-front-end-hacking-techniques/)
- 4.2 [“铝”巨人遭勒索病毒攻击，工业互联时代如何保障网络安全](http://blog.nsfocus.net/how-to-guarantee-network-security-in-the-age-of-industrial-interconnecti/)
- 4.3 [KBuster：以伪造韩国银行APP的韩国黑产活动披露](https://www.freebuf.com/articles/terminal/199175.html)
- 4.3 [伊拉克电信公司遭到MuddyWater组织定向攻击](https://www.freebuf.com/articles/network/199008.html)
- 4.3 [换瓶不换酒，盗号木马还在钻搜索引擎广告的空子](https://www.anquanke.com/post/id/175954)
- 4.4 [Xiaomi Vulnerability: When Security Is Not What it Seems](http://blog.checkpoint.com/2019/04/04/xiaomi-vulnerability-when-security-is-not-what-it-seems/)
- 4.5 [友讯路由器 DNS 流量遭黑客劫持](https://www.solidot.org/story?sid=60138)
- 4.5 [Chashell：基于DNS的反向Shell](https://www.freebuf.com/sectool/199406.html)
- 4.5 [2018全球网络安全图鉴](https://www.freebuf.com/articles/network/199133.html)
- 4.6 [如何使用SQLMap脚本绕过Web应用防火墙](https://www.freebuf.com/sectool/198403.html)
- 4.6 [“商贸信”病毒装成商品图片，双击就被安装商业间谍软件](https://www.freebuf.com/articles/network/199906.html)
- 4.7 [奇思妙想之用JS给图片加口令](https://www.freebuf.com/articles/web/199559.html)
- 4.7 [4月7日每日安全热点 - 湖北一公职人员泄露公民信息5万余条](https://www.anquanke.com/post/id/176043)
- 4.8 [CISO的闪电战——2年甲方安全的自我修炼](https://www.anquanke.com/post/id/176075)
- 4.8 [谁劫持了我的DNS：全球域名解析路径劫持测量与分析](https://www.inforsec.org/wp/?p=3161)