΢Èí¶à¸ö¹©Ó¦É̵Ä40¶à¸öÇý¶¯³ÌÐò±£´æÌáȨÎó²î£»£»£»£»£»£»Delta ICSϵͳ»º³åÇøÒç³öÎó²î£»£»£»£»£»£»StockX±»µÁÊý¾Ý¿âÔÚ°µÍø³öÊÛ
Ðû²¼Ê±¼ä 2019-08-12
EclypsiumÑо¿Ö°Ô±Åû¶Áè¼Ý20¼Ò΢Èí¹©Ó¦ÉÌÌṩµÄ40¶à¸öWindowsÇý¶¯³ÌÐò±£´æÌáȨÎó²î£¬£¬£¬£¬£¬£¬£¬¿ÉÄܻᱻºÚ¿ÍʹÓᣡ£¡£¡£¡£ÊÜÓ°ÏìµÄ³§Ḛ́üÀ¨×ÅÃûBIOS³§É̼°¸÷´óÓ²¼þ¹©Ó¦ÉÌ£¬£¬£¬£¬£¬£¬£¬ÀýÈ绪˶¡¢¶«Ö¥¡¢Intel¡¢¼¼¼Î¡¢Nvidia¡¢»ªÎªµÈ¡£¡£¡£¡£¡£ÓÉÓÚÕâЩÇý¶¯¶¼¾ÓÉÁË΢ÈíÈÏÖ¤£¬£¬£¬£¬£¬£¬£¬Òò´Ë¶ñÒâ³ÌÐò¿ÉÒÔʹÓÃËüÃÇ´ÓÓû§¿Õ¼ä£¨Ring3£©ÌáȨÖÁÄÚºËȨÏÞ£¨Ring0£©¡£¡£¡£¡£¡£EclypsiumÌåÏÖÕâЩÇý¶¯Ó°ÏìÁËËùÓа汾µÄWindows£¬£¬£¬£¬£¬£¬£¬ÕâÒâζ×ÅÖÁÉÙÊý°ÙÍòÓû§ÃæÁÙΣº¦¡£¡£¡£¡£¡£IntelºÍ»ªÎªµÈÒѾÐû²¼ÁËÏà¹ØÐÞ¸´²¹¶¡¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/over-40-windows-hardware-drivers-vulnerable-to-privilege-escalation/
2¡¢Delta ICSϵͳ±£´æ»º³åÇøÒç³öÎó²î£¬£¬£¬£¬£¬£¬£¬¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ

Ñо¿Ö°Ô±Åû¶Delta¹¤¿ØÏµÍ³enteliBUS ManagerÖеÄÒ»¸öÇå¾²Îó²î£¬£¬£¬£¬£¬£¬£¬¸ÃÎó²î¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ¡£¡£¡£¡£¡£Æ¾Ö¤McAfeeÑо¿Ö°Ô±µÄ±íÊö£¬£¬£¬£¬£¬£¬£¬¸ÃÎó²î£¨CVE-2019-9569£©ÊÇÓÉ»º³åÇøÒç³öµ¼Öµġ£¡£¡£¡£¡£¹¥»÷Õß¿Éͨ¹ý¹ã²¥Í¨Ñ¶Ìᳫ¹¥»÷£¬£¬£¬£¬£¬£¬£¬ÕâÒâζÕßËûÃÇÉõÖÁÎÞÐèÖªµÀ¹¥»÷Ä¿µÄµÄÍøÂçλÖᣡ£¡£¡£¡£Delta ControlsÒѾÐû²¼Á˸ÃÎó²îµÄÐÞ¸´²¹¶¡£¬£¬£¬£¬£¬£¬£¬µ«Ñо¿Ö°Ô±³ÆÍ¨¹ýShodanËÑË÷ÈÔ¿É·¢Ã÷1600¸öÒ×Êܹ¥»÷µÄϵͳÔÚÍøÉÏ̻¶¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£ºhttps://threatpost.com/def-con-2019-delta-ics-flaw-allows-total-industrial-takeover/147142/
3¡¢Ð¶ñÒâÈí¼þClipsa£¬£¬£¬£¬£¬£¬£¬Ö÷ÒªÕë¶ÔWordPressÍøÕ¾Ìᳫ±©Á¦ÆÆ½â¹¥»÷

Avast·¢Ã÷Ò»¸öеĶñÒâÈí¼þ¼Ò×åClipsa£¬£¬£¬£¬£¬£¬£¬¸Ã±äÖÖÖ÷ҪɨÃ軥ÁªÍø²¢Õë¶ÔWordPressÍøÕ¾Ìᳫ±©Á¦ÆÆ½â¹¥»÷¡£¡£¡£¡£¡£Ò»µ©Ñ¬È¾×°±¸£¬£¬£¬£¬£¬£¬£¬Clipsa½«Ìᳫ¶àÖÖ¹¥»÷ÐÐΪ£¬£¬£¬£¬£¬£¬£¬°üÀ¨ÇÔÈ¡¼ÓÃÜÇ®±ÒÉúÒâ¡¢×°ÖöñÒâ¿ó¹¤¡¢É¨ÃèÒ×Êܹ¥»÷µÄWordPressÍøÕ¾µÈ¡£¡£¡£¡£¡£ÊÜѬȾµÄÓû§Ö÷ҪλÓÚÓ¡¶È£¬£¬£¬£¬£¬£¬£¬²¨¼°Áè¼Ý2.8ÍòÓû§£»£»£»£»£»£»Æä´ÎÊÇ·ÆÂɱöºÍ°ÍÎ÷¡£¡£¡£¡£¡£Ñо¿Ö°Ô±ÆÊÎöÁËÓë¸Ã±äÖÖÓйصÄ9412¸ö±ÈÌØ±ÒµØµã£¬£¬£¬£¬£¬£¬£¬·¢Ã÷·¸·¨·Ö×ÓµÄÊÕ»ñΪ3¸ö±ÈÌØ±Ò¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/89612/malware/clipsa-malware.html
4¡¢ÃÀ¹ú°ü¹Ü¹«Ë¾State FarmÔâײ¿â¹¥»÷£¬£¬£¬£¬£¬£¬£¬²¿·ÖÓû§Æ¾Ö¤Ð¹Â¶
ÃÀ¹ú°ü¹Ü¹«Ë¾State FarmÏòÓû§·¢ËÍÊý¾Ýй¶֪ͨÓʼþ³Æ£¬£¬£¬£¬£¬£¬£¬ÆäÔÚ7Ô·ÝÔ⵽ײ¿â¹¥»÷£¬£¬£¬£¬£¬£¬£¬µ¼Ö²¿·ÖÓû§µÄƾ֤й¶¡£¡£¡£¡£¡£¸Ã¹«Ë¾³ÆÃ»ÓÐÓû§Òþ˽ÐÅϢй¶£¬£¬£¬£¬£¬£¬£¬Ò²Ã»Óз¢Ã÷Ïà¹ØµÄڲƻ£¬£¬£¬£¬£¬£¬£¬µ«ÒªÇóÊÜÓ°ÏìµÄÓû§ÖØÖÃÆäÃÜÂë¡£¡£¡£¡£¡£Ê״ι¥»÷±¬·¢ÔÚ7ÔÂ6ÈÕ£¬£¬£¬£¬£¬£¬£¬Ëæºóÿ¸ô¼¸Ì챬·¢Ò»´Î£¬£¬£¬£¬£¬£¬£¬Ò»Ö±Ò»Á¬µ½7ÔÂ22ÈÕ¡£¡£¡£¡£¡£¸Ã¹«Ë¾²¢Î´Í¸Â¶ÊÜÓ°ÏìµÄÏêϸÈËÊý¡£¡£¡£¡£¡£
5¡¢StockX±»µÁÊý¾Ý¿âÔÚ°µÍø³öÊÛ£¬£¬£¬£¬£¬£¬£¬°üÀ¨684ÍòÓû§ÐÅÏ¢

Ñо¿Ö°Ô±·¢Ã÷Ò»¸ö°üÀ¨684Íò±»µÁÓû§ÐÅÏ¢µÄStockXÊý¾Ý¿âÔÚ°µÍøÉϳöÊÛ£¬£¬£¬£¬£¬£¬£¬ÕâЩÐÅÏ¢°üÀ¨µç×ÓÓʼþµØµã¡¢ÐÕÃû¡¢×¡Ö·¡¢¹ºÖüͼÒÔ¼°MD5¹þÏ£ÃÜÂë¡£¡£¡£¡£¡£Have I been PwnedÍøÕ¾ÒѾÊÕ¼Á˸ÃÊý¾Ý¿â£¬£¬£¬£¬£¬£¬£¬Óû§¿ÉÔÚ¸ÃÍøÕ¾ÉϼìË÷×Ô¼ºµÄÕË»§ÊÇ·ñ±»µÁ¡£¡£¡£¡£¡£¸ÃÊý¾Ý¿â×îÔçÔÚApollonÊг¡ÉϳöÊÛ£¬£¬£¬£¬£¬£¬£¬¼ÛǮΪ300ÃÀÔª£¬£¬£¬£¬£¬£¬£¬ËæºóÔÚ°µÍøÂÛ̳ÉÏÒÔ½ö2.15ÃÀÔªµÄ¼ÛÇ®Á÷ͨ£¬£¬£¬£¬£¬£¬£¬ÕâÒâζ×Å´ó×ÚDZÔÚ¹¥»÷Õß¿ÉÄÜÒѾӵÓÐÁ˸ÃÊý¾Ý¿â¡£¡£¡£¡£¡£ÓÐÈ˽âÃÜÁ˸ÃÊý¾Ý¿âÖеÄ36.7Íò¸öÕË»§ÃÜÂ룬£¬£¬£¬£¬£¬£¬²¢ÒÔ400ÃÀÔªµÄ¼ÛÇ®³öÊÛ¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/database-from-stockx-hack-sold-online-check-if-youre-included/

EmsisoftÑо¿Ö°Ô±Ðû²¼ÀÕË÷Èí¼þJSWorm 4.0µÄÃ⺬»ìÃܹ¤¾ß¡£¡£¡£¡£¡£ÓëÒÔǰµÄ°æ±¾Ò»Ñù£¬£¬£¬£¬£¬£¬£¬JSWorm 4.0ÊÇÓÃC++±àдµÄ£¬£¬£¬£¬£¬£¬£¬Ê¹ÓÃAES-256µÄ¶¨Öư汾¾ÙÐмÓÃÜ¡£¡£¡£¡£¡£¸Ã¶ñÒâÈí¼þ»áÔÚ¼ÓÃܵÄÎļþºó¸½¼Ó.[ID-][].JSWRMÀ©Õ¹Ãû£¬£¬£¬£¬£¬£¬£¬²¢ÊÍ·ÅÃûΪJSWRM-DECRYPT.htaµÄÀÕË÷Ʊ¾Ý¡£¡£¡£¡£¡£Êܵ½Ñ¬È¾µÄÓû§¿Éͨ¹ýEmsisoftÐû²¼µÄÖ¸ÄϽâÃÜÆäÎļþ¡£¡£¡£¡£¡£ÔÚ5Ô·ÝÑо¿Ö°Ô±»¹Ðû²¼ÁËJSWorm 2.0µÄ½âÃܹ¤¾ß¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/89666/malware/emsisoft-decryptor-jsworm-4-0.html