¡¶Î¬ËûÃü¡·ÖðÈÕÇå¾²¼òѶ20180831

Ðû²¼Ê±¼ä 2018-08-31

¡¾Êý¾Ýй¶¡¿¼ÓÄô󺽿չ«Ë¾ÔâºÚ¿ÍÈëÇÖ £¬£¬£¬£¬£¬Ô¼2ÍòÃûÓû§µÄÐÅÏ¢ÒÉй¶


8ÔÂ22ÈÕÖÁ24ÈÕʱ´ú £¬£¬£¬£¬£¬¼ÓÄô󺽿չ«Ë¾·¢Ã÷Òì³£µÄµÇ¼»î¶¯ £¬£¬£¬£¬£¬ÎªÁ˱£»£»£»£»¤Óû§µÄÊý¾Ý £¬£¬£¬£¬£¬¸Ã¹«Ë¾Ëø¶¨ÁËËùÓÐ170ÍòÒÆ¶¯appÓû§µÄÕË»§¡£¡£¡£¡£¡£29ÈÕ £¬£¬£¬£¬£¬¸Ã¹«Ë¾Í¨ÖªÔ¼2ÍòÃûÓû§ £¬£¬£¬£¬£¬³ÆÆäСÎÒ˽¼Ò×ÊÁÏ¿ÉÄÜÔ⵽δÊÚȨµÄ»á¼û¡£¡£¡£¡£¡£ÕâЩ×ÊÁÏÖÁÉÙ°üÀ¨ÐÕÃû¡¢µç×ÓÓʼþµØµãºÍµç»°ºÅÂë £¬£¬£¬£¬£¬Ò²¿ÉÄܰüÀ¨ÐԱ𡢳öÉúÈÕÆÚ¡¢¹ú¼®¡¢»¤ÕÕºÅÂëµÈÐÅÏ¢¡£¡£¡£¡£¡£ÔÚÒ»·Ý¹ØÓÚ¸ÃÊÂÎñµÄÉùÃ÷Öиù«Ë¾ÌåÏÖÓû§µÄÒøÐп¨Êý¾ÝÒÔ¼°aircanada.comÕÊ»§²»ÊÜÓ°Ïì¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/air-canada-mobile-app-users-affected-by-data-breach/


¡¾ÆÊÎö±¨¸æ¡¿¿¨°Í˹»ùʵÑéÊÒÐû²¼¹ØÓÚ½©Ê¬ÍøÂçÏÂÔØÎļþµÄͳ¼ÆÆÊÎö


¿¨°Í˹»ùʵÑéÊÒÐû²¼ÁË2017ÄêϰëÄêºÍ2018ÄêÉϰëÄêµÄ½©Ê¬ÍøÂç»î¶¯µÄÆÊÎöЧ¹û £¬£¬£¬£¬£¬Ö÷Òª·¢Ã÷°üÀ¨£ºËæ×ÅÍøÂç·¸·¨·Ö×Ó×îÏȽ«½©Ê¬ÍøÂçÊÓΪ¶ñÒâÍÚ¿óµÄ¹¤¾ß £¬£¬£¬£¬£¬¶ñÒâ¿ó¹¤ÔÚ½©Ê¬ÍøÂçÏÂÔØÎļþÖеıÈÀýÕýÔÚÔöÌí£»£»£»£»ºóÃżÌÐøÕ¼Óн©Ê¬ÍøÂçÏÂÔØÎļþµÄ´ó²¿·Ö£»£»£»£»dropperµÄÊýĿҲÔÚÔöÌí£»£»£»£»2018ÄêÒøÐÐľÂíµÄ±ÈÀýÓÐËùϽµ£»£»£»£»½©Ê¬ÍøÂçÔ½À´Ô½¶àµØÆ¾Ö¤¿Í»§µÄÐèÇó¾ÙÐÐ×âÁÞ £¬£¬£¬£¬£¬Ðí¶àÇéÐÎÏÂÄÑÒÔÈ·¶¨½©Ê¬ÍøÂçµÄרְÊÂÇé¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://securelist.com/what-are-botnets-downloading/87658/


¡¾ÍþвÇ鱨¡¿Ç÷ÊÆ¿Æ¼¼·¢Ã÷ÓëBahamut¡¢ConfuciusºÍPatchworkÓйصÄAPT×éÖ¯Urpage


Ç÷ÊÆ¿Æ¼¼Í¨Ì«¹ýÎöÐµĹ¥»÷×éÖ¯UrpageÓëAPT×éÖ¯Confucius¡¢PatchworkÒÔ¼°BahamutµÄÏàËÆÖ®´¦ £¬£¬£¬£¬£¬ÉîÈë̽ÌÖÁËÍøÂç¹¥»÷Ö®¼ä¿ÉÄܱ£´æµÄÁªÏµ¡£¡£¡£¡£¡£UrpageÖ÷ÒªÕë¶ÔÎÚ¶û¶¼ÓïºÍ°¢À­²®ÓïµÄÎÄ×Ö´¦Öóͷ£Æ÷InPage £¬£¬£¬£¬£¬ÆäʹÓÃÁËÓëConfuciusºÍPatchworkÏàͬµÄDelphiºóÃÅ×é¼þ £¬£¬£¬£¬£¬²¢Ê¹ÓÃÁËÓëBahamutÀàËÆµÄ¶ñÒâÈí¼þ¡£¡£¡£¡£¡£Ðí¶àÏàËÆÖ®´¦ºÍÁªÏµÅú×¢ £¬£¬£¬£¬£¬Õâ¿ÉÄÜÊÇÒ»¸ö¼òµ¥µÄÊÕ·ÑÍŶӽ«Æä¹¤¾ßºÍЧÀͳöÊÛ¸ø¾ßÓвî±ðÄ¿µÄºÍÄ¿µÄµÄÆäËü×éÖ¯¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://blog.trendmicro.com/trendlabs-security-intelligence/the-urpage-connection-to-bahamut-confucius-and-patchwork/


¡¾ÍþвÇ鱨¡¿Ñо¿Ö°Ô±·¢Ã÷7339¸öMagentoÔÚÏßÊÐËÁѬȾ¶ñÒâÈí¼þMagentoCore


ºÉÀ¼Çå¾²Ñо¿Ö°Ô±Willem de Groot·¢Ã÷¶ñÒâÈí¼þMagentoCoreÔÚÒÑÍùÁù¸öÔÂÄÚѬȾÁË7339¸öMagentoÔÚÏßÊÐËÁ¡£¡£¡£¡£¡£MagentoCoreÊÇÒ»¸öskimmer¾ç±¾ £¬£¬£¬£¬£¬Í¨³£¹ÒÔØÔÚÊÐËÁµÄ¸¶¿îÒ³Ãæ²¢ÇÔÈ¡Óû§µÄÖ§¸¶¿¨ÐÅÏ¢¡£¡£¡£¡£¡£¸Ã¾ç±¾´Ómagentocore.netÓòÃû¼ÓÔØ £¬£¬£¬£¬£¬Æ½¾ùÌìÌìѬȾ50µ½60¼ÒÔÚÏßÊÐËÁ¡£¡£¡£¡£¡£Groot»¹³ÆÏÖÔÚËùÓеÄMagentoÊÐËÁÖÐÓÐ4.2£¥Ñ¬È¾ÁËÒ»ÖÖ»ò¶àÖÖ¶ñÒâ¾ç±¾¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/magentocore-malware-found-on-7-339-magento-stores/


¡¾Îó²î²¹¶¡¡¿4ÄêǰÅû¶µÄÎó²îMisfortune CookieÈÔÔÚÓ°Ï첿·ÖÒ½ÁÆ×°±¸


CyberMDXÑо¿Ö°Ô±·¢Ã÷¸ßͨ×Ó¹«Ë¾CapsuleµÄDatacatptorÖÕ¶ËЧÀÍÆ÷£¨DTS£©²úÆ·ÈÔÈ»Ò×ÊÜMisfortune CookieÎó²îµÄÓ°Ïì¡£¡£¡£¡£¡£DTS×÷ΪҽÁÆ×°±¸Íø¹Ø £¬£¬£¬£¬£¬ÓÃÓÚ½«¼à»¤ÒÇ¡¢ºôÎüÆ÷¡¢Âé×íϵͳºÍÊäÒº±ÃµÈ×°±¸ÅþÁ¬µ½Ò½ÔºµÄÍøÂç¡£¡£¡£¡£¡£¸ÃÎó²îÓÚ2014ÄêÓÉCheck PointÅû¶ £¬£¬£¬£¬£¬±£´æÓÚAllegroSoftµÄRomPager×é¼þÖÐ £¬£¬£¬£¬£¬¿ÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£¡£¡£¡£¡£ICS-CERTÕë¶Ô¸ÃÎó²î£¨CVE-2014-9222£©Ðû²¼ÁËÖÒÑÔ £¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSµÃ·ÖΪ9.8¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/4-year-old-misfortune-cookie-rears-its-head-in-medical-gateway-device/


¡¾Îó²î²¹¶¡¡¿Ê©ÄÍµÂµçÆøÐû²¼Çå¾²¸üР£¬£¬£¬£¬£¬ÐÞ¸´¶à¿î²úÆ·ÖеÄÇå¾²Îó²î


Ê©ÄÍµÂµçÆøÐÞ¸´ÆäµçÔ´ÖÎÀíϵͳPowerLogic PM5560¼°¿É±à³ÌÂß¼­¿ØÖÆÆ÷Modicon M221ÖеĶà¸öÇå¾²Îó²î¡£¡£¡£¡£¡£¹Ì¼þ°æ±¾2.5.4֮ǰµÄPowerLogic PM5560±£´æ¿çÕ¾¾ç±¾Îó²î£¨CVE-2018-7795£© £¬£¬£¬£¬£¬¿Éµ¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£¡£¡£¡£¡£¹Ì¼þ°æ±¾V1.6.2.0֮ǰµÄModicon M221±£´æ¶à¸öÎó²î £¬£¬£¬£¬£¬°üÀ¨¿ÉÔÊÐíδ¾­ÊÚȨµÄÓû§ÖØ·ÅÈÏÖ¤ÐòÁеÄÎó²î£¨CVE-2018-7790£©¡¢¿ÉÔÊÐíδ¾­ÊÚȨµÄÓû§ÁýÕÖÔ­ÃÜÂëµÄÎó²î£¨CVE-2018-7791£©ÒÔ¼°¿ÉÔÊÐíδ¾­ÊÚȨµÄÓû§Ê¹Óòʺç±íÆÆ½âÃÜÂëµÄÎó²î£¨CVE-2018-7792£©¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£ºhttps://threatpost.com/high-severity-flaws-patched-in-schneider-electric-products/137034/