安全研究 SECURITY SERVICE

Ursnif变体通过Word文档传播,使用异常处理函数解密恶意代码

发布时间: 2019-08-13
来源:
浏览数: 61

(2019-03-15)今日威胁情报


 

1、Ursnif变体通过Word文档传播,使用异常处理函数解密恶意代码


相关链接:https://redqueen.tj-un.com/IntelDetails.html?id=1f4214299d5e4cf6bb926d90668f5828


2、新僵尸网络木马Emptiness,通过变换C&C协议逃避追踪


相关链接:https://redqueen.tj-un.com/IntelDetails.html?id=71aa2f3ad24e488883f18b8497eba68f


3、针对中文网站用户的水坑钓鱼攻击,利用WinRAR和RTF文件漏洞


相关链接:https://redqueen.tj-un.com/IntelDetails.html?id=c8b7dcc734164e03b6aadaea877a257d


4、安全研究人员称中兴4G热点可能成为黑客的温床


相关链接:https://www.cnbeta.com/articles/tech/877311.htm



(2019-03-15)今日威胁情报



1、【高】网站安全狗(Apache版)V4.0存在SQL注入漏洞(CNVD-2019-21949)


相关链接:https://www.cnvd.org.cn/flaw/show/CNVD-2019-21949


2、【高】深喉咙CMS v4.2存在文件写入漏洞(CNVD-2019-21950)


相关链接:https://www.cnvd.org.cn/flaw/show/CNVD-2019-21950


3、【高】WordPress acf-better-search插件跨站请求伪造漏洞(CNVD-2019-27015)


相关链接:https://www.cnvd.org.cn/flaw/show/CNVD-2019-27015


4、【中】Backdrop CMS跨站脚本漏洞(CNVD-2019-26880)


相关链接:https://www.cnvd.org.cn/flaw/show/CNVD-2019-26880



分享到:
  • 相关推荐 RELATED TO RECOMMEND
  • Lazarus组织瞄准无人机领域开展攻击活动
    点击次数: 1000
    2025 - 10 - 27
    Lazarus组织瞄准无人机领域开展攻击活动 https://www.welivesecurity.com/en/eset-research/gotta-fly-lazarus-targets-uav-sector/ 新型Caminho加载器利用LSB隐写术传播恶意软件 https://arcticwolf.com/resources/blog/brazilian-caminho-loader-employs-lsb-steganography-to-deliver-multiple-malware-families/ Delta Electronics ASDA-Soft漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-04 ASKI Energy ALS-Mini-S8 and ALS-Mini-S4漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-296-02 Smishing Triad组织发起短信钓鱼攻击瞄准全球用户 https://unit42.paloaltonetworks.com/global-smishing-campaign/
  • Rockwell Automation FactoryTalk Linx漏洞预警
    点击次数: 101
    2025 - 10 - 20
    Rockwell Automation FactoryTalk Linx漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-02 Hitachi Energy MACH GWS漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-11 Siemens HyperLynx and Industrial Edge App Publisher漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-10
  • UNC5221组织针对美国科技和法律行业部署BRICKSTORM后门
    点击次数: 102
    2025 - 10 - 09
    黑客组织BO Team更新攻击工具 https://securelist.ru/bo-team-upgrades-brockendoor-and-zeronetkit-backdoors/113536/ LastPass发现伪造的GitHub仓库传播macOS窃密软件Atomic https://blog.lastpass.com/posts/attack-targeting-macs-via-github-pages UNC5221组织针对美国科技和法律行业部署BRICKSTORM后门 https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign Lumma Stealer新变种通过分层混淆来逃避检测 https://gbhackers.com/lummastealers-details/
  • FUJIFILM Healthcare Americas Synapse Mobility漏洞预警
    点击次数: 109
    2025 - 08 - 25
    Paper Werewolf利用WinRAR零日漏洞传播恶意软件 https://gbhackers.com/paper-werewolf-exploits-winrar-zero-day-vulnerability/ FUJIFILM Healthcare Americas Synapse Mobility漏洞预警 https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-233-01 MuddyWater针对全球多地首席财务官和财务高管发起网络钓鱼攻击 https://hunt.io/blog/apt-muddywater-deploys-multi-stage-phishing-to-target-cfos 新型加载器QuirkyLoader通过钓鱼邮件传播恶意软件 https://www.ibm.com/think/x-force/ibm-x-force-threat-analysis-quirkyloaderScaly Wolf组织针对俄罗斯工程公司发起定向攻击 https://news.drweb.com/show/?i=15046&lng=en&c=5
  • DevilsTongue间谍软件针对多个国家Windows用户
    点击次数: 126
    2025 - 08 - 11
    DevilsTongue间谍软件针对多个国家Windows用户 https://gbhackers.com/sophisticated-devilstongue-spyware/ UAC-0099组织利用HTA文件部署MATCHBOIL加载器 https://gbhackers.com/uac-0099-hackers-weaponize-hta-files/ Delta Electronics DIAView漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-01 Packet Power EMX and EG漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-05  ealink IP Phones and RPS (Redirect and Provisioning Service)漏洞预警 https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08
友情连接:
免费服务热线 ree service hotline 400-613-1868 手机端
法律声明 Copyright  西安交大捷普网络科技有限公司  陕ICP备18022218号-1

陕公网安备 61019002000857号
犀牛云提供云计算服务