°ÍÎ÷¹«Ë¾NaturaÊý¾Ý¿â̻¶й¶1.92ÒÚÌõÓû§ÐÅÏ¢£»£»£»£»AdobeÐû²¼½ôÆÈ´øÍâ¸üÐÂÐÞ¸´Ô¶³ÌÖ´ÐдúÂëÎó²î
Ðû²¼Ê±¼ä 2020-05-211.°ÍÎ÷¹«Ë¾NaturaÊý¾Ý¿â̻¶£¬£¬£¬Ð¹Â¶1.92ÒÚÌõÓû§ÐÅÏ¢
°ÍÎ÷Ê¥±£Â޵Ļ¯×±Æ·¹«Ë¾Natura̻¶ÁËÁ½¸öÉèÖùýʧµÄAWSÊý¾Ý¿â³¤´ïÊýÖÜÖ®¾Ã£¬£¬£¬Ð¹Â¶ÁË1.92ÒÚÌõÓû§ÐÅÏ¢¡£¡£¡£¡£Æ¾Ö¤Hackread.comµÄÊӲ죬£¬£¬´Ë´Îй¶µÄÊÇÔڸù«Ë¾ÍøÕ¾¹ºÎïµÄÁè¼Ý25ÍòÃû¿Í»§µÄÐÅÏ¢£¬£¬£¬°üÀ¨Óû§ÐÔ±ð¡¢ÐÕÃû¡¢¹ú¼®¡¢³öÉúÈÕÆÚ¡¢µç»°ºÅÂë¡¢ÒÔǰ¹ºÖüͼ¡¢MOIPÕÊ»§ÏêϸÐÅÏ¢¡¢Ä¸Ç×µÄÐÕ¡¢Óʼþ½Ó´ýÄ£°å¡¢Óû§ÃûºÍêdzơ¢µç×ÓÓʼþµØµã¡¢ÏÖʵµØµã¡¢ÓÃÓÚwirecard.com.brµÄ»á¼ûÁîÅÆ¡¢APIƾ֤£¨°üÀ¨Î´¼ÓÃܵÄÃÜÂ룩¡¢Natura.com.brµÇ¼ƾ֤£¨°üÀ¨¹þÏ£ÃÜÂ룩¡£¡£¡£¡£±ðµÄ£¬£¬£¬Ñо¿Ö°Ô±·¢Ã÷´Ë´ÎÊÂÎñ»¹Ð¹Â¶ÁËÓë¹«Ë¾ÍøÂç»ù´¡ÉèÊ©Ïà¹ØµÄÉñÃØÐÅÏ¢£¬£¬£¬Èç.pemÖ¤ÊéÃÜÔ¿¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬Á½¸öÊý¾Ý¿âÔÚ̻¶ÊýÖܺó¾ùÒÑ»ñµÃ±£»£»£»£»¤¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.hackread.com/brazis-cosmetic-giant-natura-leaked-192m-records/
2.Å·ÃËÒé»áй¶ÊýǧÈËÊý¾Ý£¬£¬£¬ÉÐδ¶Ô´ËÊÂ×÷³ö»ØÓ¦
×î½ü£¬£¬£¬Ó¡¶ÈÍøÂçÇ鱨¹«Ë¾ShadowMapTechÔÚÅ·ÃËÒé»á·¢Ã÷ÁËÊý¾Ýй¶ÊÂÎñ£¬£¬£¬ÆäÖаüÀ¨200¶à¸öÅ·ÃËÒé»á¡¢Å·ÃËÀíÊ»áºÍÅ·ÃËίԱ»á³ÉÔ±µÄÊý¾ÝºÍÃÜÂ룬£¬£¬½«Ó°ÏìÅ·ÃËÒé»áµÄ1000¶àÃûÊÂÇéÖ°Ô±¡£¡£¡£¡£Ð¹Â¶Êý¾Ý°üÀ¨Ê¹ÓÃÕß±àºÅ¡¢Ãû×Ö¡¢¼ÓÃÜÃÜÂë¡¢µç×ÓÓʼþµØµãºÍÊ±Çø¡£¡£¡£¡£´Ë´Îй¶ÊÂÎñ¿ÉÄÜ»¹»áÓ°ÏìÐÂÎżÇÕß¡¢ÕþÖÎÈËÎïÒÔ¼°Å·ÃËÁíÍ⼸¸ö»ú¹¹µÄ³ÉÔ±£¬£¬£¬ÀýÈçÅ·ÖÞÐ̾¯×éÖ¯¡¢Å·ÖÞÊý¾Ý±£»£»£»£»¤Ö÷¹Ü¡¢EUIPOºÍFrontex£¬£¬£¬ÕâÅú×¢ÊÜÓ°ÏìÓû§×ÜÊýÁè¼Ý15000¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬Å·ÃËÒé»áûÓжԴËÊÂ×ö³öÈκλظ´£¬£¬£¬¶øÆäIT²¿·Ö¸±Ö÷ϯMarcel KolajaÔò·ñ¶¨ÁË´ËÊÂÎñ£¬£¬£¬ÌåÏÖ¸Ã×ß©ÓëÅ·ÃË»ú¹¹ÔËÐеÄϵͳ²»Ïà¹Ø¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.hackread.com/gdpr-european-parliament-data-breach-data-leak/
3.Ó¢¹úÈí¼þ¹«Ë¾Advanced±£´æÎó²î£¬£¬£¬Ð¹Â¶190¶à¼ÒÂÉËùÐÅÏ¢
Ó¢¹úÈí¼þ¹«Ë¾Advanced±£´æÎó²îµ¼ÖÂÊý¾Ý¿â±©Â©£¬£¬£¬Ð¹Â¶190¶à¼ÒÂÉËùÐÅÏ¢¡£¡£¡£¡£¾ÝÓ¢¹ú½ðÈÚʱ±¨±¨µÀ£¬£¬£¬´Ë´ÎÊÂÎñ×ß©ÁËԼĪ190¼Ò״ʦÊÂÎñËùµÄ10000¸öÖ´·¨Îļþ£¬£¬£¬°üÀ¨ÖøÃûÂÉËùClifford Chance£¬£¬£¬SlaughterºÍMay¡£¡£¡£¡£´Ë´Îй¶µÄÐÅÏ¢ÖÐÓÐÓû§Ãô¸ÐÐÅÏ¢£¬£¬£¬Èç¹þÏ£ÃÜÂë¡¢Ö´·¨Îļþ¡¢»¤ÕÕºÅÂ롢ĸÇ×µÄÍâ¼ÒÐÕºÍÑÛ¾¦ÑÕɫ֮ÀàµÄÏêϸÐÅÏ¢£¬£¬£¬»¹°üÀ¨ÖîÈçÓû§Ãû¡¢IDºÍ¹þÏ£ÃÜÂë¡¢ÑéÖ¤Âë¡¢¹«Ë¾ÏêϸÐÅÏ¢ºÍЧÀÍÓöÈÖ®ÀàµÄÊý¾Ý¡£¡£¡£¡£AdvancedÇå¾²×ܼàÔòÌåÏÖ£¬£¬£¬¸ÃÊÂÎñ×ß©µÄÊý¾ÝÔÀ´¾ÍÊǹûÕæµÄ£¬£¬£¬ÔÚй¶µÄÖ´·¨ÎļþÖÐÏÕЩûÓпɱæ±ðµÄÐÅÏ¢¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.cpomagazine.com/cyber-security/over-190-law-firms-affected-by-advanced-data-leak-that-exposed-over-10000-legal-documents/
4.AdobeÐû²¼½ôÆÈ´øÍâ¸üУ¬£¬£¬ÐÞ¸´Ô¶³ÌÖ´ÐдúÂëÎó²î
5ÔÂ19ÈÕ£¬£¬£¬AdobeÐû²¼ÁËËĸöÇå¾²¸üУ¬£¬£¬ÆäÖÐÒ»¸öÐÞ¸´ÁËÑÏÖØµÄÔ¶³ÌÖ´ÐдúÂëÎó²î¡£¡£¡£¡£´Ë´ÎÇå¾²¸üÐÂÐÞ¸´µÄ»®·ÖÊÇCharacter AnimatorÖеĻùÓÚ¿ÍÕ»µÄ»º³åÇøÒç³öÎó²î£¨CVE-2020-9586£©£¬£¬£¬¿Éµ¼ÖÂÔ¶³ÌÖ´ÐÐí§Òâ´úÂ룻£»£»£»Adobe Premiere ProÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9616£©£¬£¬£¬¿Éµ¼ÖÂÐÅϢй¶£»£»£»£»Adobe AuditionÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9618£©£¬£¬£¬¿Éµ¼ÖÂÐÅϢй¶£»£»£»£»Premiere RushÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9617£©¿Éµ¼ÖÂÐÅϢй¶¡£¡£¡£¡£Ç÷ÊÆ¿Æ¼¼ÌáÐÑÓû§£¬£¬£¬×ÝÈ»ÕâЩ²¹¶¡ÔÚÐû²¼Ê±²¢Î´ÔÚҰʹÓ㬣¬£¬¿ÉÊÇÓû§ÈÔÓ¦¾¡¿ìÉý¼¶µ½×îа汾¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/adobe-releases-critical-out-of-band-security-update/
5.AndroidľÂíDenDroidµÄбäÖÖWolfRAT£¬£¬£¬Õë¶ÔÌ©¹úÓû§
TalosÑо¿Ö°Ô±·¢Ã÷Ò»ÖÖÐÂÐÍľÂíWolfRAT£¬£¬£¬¸ÃľÂíÊÇÒÆ¶¯Ô¶³Ì»á¼ûľÂí£¨RAT£©DenDroidµÄбäÖÖ£¬£¬£¬Õë¶ÔµÄÊÇʹÓÃAndroidƽ̨ÉϵÄWhatsapp¡¢Facebook MessengerºÍLineµÈÓ¦ÓóÌÐòµÄÌ©¹úÓû§¡£¡£¡£¡£WolfRATͨ¹ýαÔì¸üÐÂÓÕʹÓû§Ê¹ÓÃFlashºÍGoogle PlayµÈÕýµ±Ð§ÀÍ£¬£¬£¬´Ó¶ø×îÏÈÆäѬȾÁ´¡£¡£¡£¡£Ò»µ©Óû§ÊÜÆ£¬£¬£¬WolfRATÔò½«×Ô¼º×°ÖÃÔÚÄ¿µÄAndroid×°±¸Éϲ¢×îÏÈÌØ¹¤»î¶¯£¬£¬£¬°üÀ¨ÍøÂç×°±¸Êý¾Ý¡¢ÅÄÉãÕÕÆ¬ºÍÊÓÆµ£¬£¬£¬ÆÆËðSMSÐÂÎÅת´ï£¬£¬£¬¼Í¼ÒôƵÒÔ¼°ÇÔÈ¡Îļþ²¢½«Æä´«Êäµ½C2¡£¡£¡£¡£Ñо¿Ö°Ô±»¹·¢Ã÷²¿·ÖC2λÓÚÌ©¹ú£¬£¬£¬Ê¹ÓõÄÓòºÍÌ©¹úʳÎïÓйأ¬£¬£¬»¹·¢Ã÷ÁËÓÃÌ©Óï±àдµÄJavaScriptÏÂÁî¡£¡£¡£¡£TalosÌåÏÖ£¬£¬£¬¸Ã¶ñÒâÈí¼þ»¹ÔÚÒ»Ö±µÄ¿ª·¢ÖС£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/wolfrat-targets-users-of-whatsapp-facebook-messenger-apps-on-android-devices/
6.ÒÁÀʺڿÍ×éÖ¯Greenbug¹¥»÷Á˰ͻù˹̹µÄ3¼ÒµçÐŹ«Ë¾
¾ÝÍøÂçÇå¾²¹«Ë¾Symantec³Æ£¬£¬£¬ÔÚÒÑÍùµÄ¼¸¸öÔÂÖУ¬£¬£¬ÒÁÀʺڿÍ×éÖ¯GreenbugһֱDZÔÚÔÚ°Í»ù˹̹ÖÁÉÙ3¼ÒµçÐŹ«Ë¾µÄITϵͳÖС£¡£¡£¡£¸ÃºÚ¿Í×éÖ¯Ò»Ö±ÔÚʹÓÃÐéÄâËíµÀ¼á³ÖÓëÊܺ¦»úеµÄÅþÁ¬£¬£¬£¬²¢Ñ°ÕÒºÏÊʵÄʱʱ»ú¼ûÆäϵͳÖÐÊý¾Ý¡£¡£¡£¡£¶øGreenbugÔÚ±»·¢Ã÷ºóÒ²Ò»Ö±Æð¾¢¼ÌÐøÇ±ÔÚÔÚÔÚ°Í»ù˹̹µçÐŹ«Ë¾ÍøÂçÖС£¡£¡£¡£Symantec¸ß¼¶ÆÊÎöʦÇǶ÷¡¤Jon DiMaggioÌåÏÖ£¬£¬£¬ºÚ¿ÍÖ®ÒÔÊÇÈëÇÖ²¢Ç±ÔÚÔÚÕâЩ¹«Ë¾µÄÍøÂ磬£¬£¬ÊÇÓÉÓÚµçÐÅÊý¾Ý¿ÉÒÔΪÆäÌṩ´ó×ÚÐÅÏ¢ÒÔʵÏÖ¼àÊÓ°Í»ù˹̹µÄÄ¿µÄ¡£¡£¡£¡£SymantecÌåÏÖ£¬£¬£¬2019ÄêÒ»¹²ÓÐ18¸ö²î±ðµÄÓë¸÷¹úÕþ¸®ÓйصĺڿÍ×éÖ¯£¬£¬£¬¶ÔµçÐŹ«Ë¾Õö¿ªÁ˹¥»÷¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.cyberscoop.com/greenbug-symantec-iran-hacking-pakistan/