°ÍÎ÷¹«Ë¾NaturaÊý¾Ý¿â̻¶й¶1.92ÒÚÌõÓû§ÐÅÏ¢£»£»£»£»AdobeÐû²¼½ôÆÈ´øÍâ¸üÐÂÐÞ¸´Ô¶³ÌÖ´ÐдúÂëÎó²î

Ðû²¼Ê±¼ä 2020-05-21

1.°ÍÎ÷¹«Ë¾NaturaÊý¾Ý¿â̻¶£¬ £¬£¬Ð¹Â¶1.92ÒÚÌõÓû§ÐÅÏ¢


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


°ÍÎ÷Ê¥±£Â޵Ļ¯×±Æ·¹«Ë¾Natura̻¶ÁËÁ½¸öÉèÖùýʧµÄAWSÊý¾Ý¿â³¤´ïÊýÖÜÖ®¾Ã£¬ £¬£¬Ð¹Â¶ÁË1.92ÒÚÌõÓû§ÐÅÏ¢ ¡£¡£¡£¡£Æ¾Ö¤Hackread.comµÄÊӲ죬 £¬£¬´Ë´Îй¶µÄÊÇÔڸù«Ë¾ÍøÕ¾¹ºÎïµÄÁè¼Ý25ÍòÃû¿Í»§µÄÐÅÏ¢£¬ £¬£¬°üÀ¨Óû§ÐÔ±ð¡¢ÐÕÃû¡¢¹ú¼®¡¢³öÉúÈÕÆÚ¡¢µç»°ºÅÂë¡¢ÒÔǰ¹ºÖüͼ¡¢MOIPÕÊ»§ÏêϸÐÅÏ¢¡¢Ä¸Ç×µÄÐÕ¡¢Óʼþ½Ó´ýÄ£°å¡¢Óû§ÃûºÍêdzơ¢µç×ÓÓʼþµØµã¡¢ÏÖʵµØµã¡¢ÓÃÓÚwirecard.com.brµÄ»á¼ûÁîÅÆ¡¢APIƾ֤£¨°üÀ¨Î´¼ÓÃܵÄÃÜÂ룩¡¢Natura.com.brµÇ¼ƾ֤£¨°üÀ¨¹þÏ£ÃÜÂ룩 ¡£¡£¡£¡£±ðµÄ£¬ £¬£¬Ñо¿Ö°Ô±·¢Ã÷´Ë´ÎÊÂÎñ»¹Ð¹Â¶ÁËÓë¹«Ë¾ÍøÂç»ù´¡ÉèÊ©Ïà¹ØµÄÉñÃØÐÅÏ¢£¬ £¬£¬Èç.pemÖ¤ÊéÃÜÔ¿ ¡£¡£¡£¡£ÏÖÔÚ£¬ £¬£¬Á½¸öÊý¾Ý¿âÔÚ̻¶ÊýÖܺó¾ùÒÑ»ñµÃ±£»£»£»£»¤ ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.hackread.com/brazis-cosmetic-giant-natura-leaked-192m-records/


2.Å·ÃËÒé»áй¶ÊýǧÈËÊý¾Ý£¬ £¬£¬ÉÐδ¶Ô´ËÊÂ×÷³ö»ØÓ¦


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


×î½ü£¬ £¬£¬Ó¡¶ÈÍøÂçÇ鱨¹«Ë¾ShadowMapTechÔÚÅ·ÃËÒé»á·¢Ã÷ÁËÊý¾Ýй¶ÊÂÎñ£¬ £¬£¬ÆäÖаüÀ¨200¶à¸öÅ·ÃËÒé»á¡¢Å·ÃËÀíÊ»áºÍÅ·ÃËίԱ»á³ÉÔ±µÄÊý¾ÝºÍÃÜÂ룬 £¬£¬½«Ó°ÏìÅ·ÃËÒé»áµÄ1000¶àÃûÊÂÇéÖ°Ô± ¡£¡£¡£¡£Ð¹Â¶Êý¾Ý°üÀ¨Ê¹ÓÃÕß±àºÅ¡¢Ãû×Ö¡¢¼ÓÃÜÃÜÂë¡¢µç×ÓÓʼþµØµãºÍÊ±Çø ¡£¡£¡£¡£´Ë´Îй¶ÊÂÎñ¿ÉÄÜ»¹»áÓ°ÏìÐÂÎżÇÕß¡¢ÕþÖÎÈËÎïÒÔ¼°Å·ÃËÁíÍ⼸¸ö»ú¹¹µÄ³ÉÔ±£¬ £¬£¬ÀýÈçÅ·ÖÞÐ̾¯×éÖ¯¡¢Å·ÖÞÊý¾Ý±£»£»£»£»¤Ö÷¹Ü¡¢EUIPOºÍFrontex£¬ £¬£¬ÕâÅú×¢ÊÜÓ°ÏìÓû§×ÜÊýÁè¼Ý15000 ¡£¡£¡£¡£ÏÖÔÚ£¬ £¬£¬Å·ÃËÒé»áûÓжԴËÊÂ×ö³öÈκλظ´£¬ £¬£¬¶øÆäIT²¿·Ö¸±Ö÷ϯMarcel KolajaÔò·ñ¶¨ÁË´ËÊÂÎñ£¬ £¬£¬ÌåÏÖ¸Ã×ß©ÓëÅ·ÃË»ú¹¹ÔËÐеÄϵͳ²»Ïà¹Ø ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.hackread.com/gdpr-european-parliament-data-breach-data-leak/


3.Ó¢¹úÈí¼þ¹«Ë¾Advanced±£´æÎó²î£¬ £¬£¬Ð¹Â¶190¶à¼ÒÂÉËùÐÅÏ¢


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


Ó¢¹úÈí¼þ¹«Ë¾Advanced±£´æÎó²îµ¼ÖÂÊý¾Ý¿â±©Â©£¬ £¬£¬Ð¹Â¶190¶à¼ÒÂÉËùÐÅÏ¢ ¡£¡£¡£¡£¾ÝÓ¢¹ú½ðÈÚʱ±¨±¨µÀ£¬ £¬£¬´Ë´ÎÊÂÎñ×ß©ÁËԼĪ190¼Ò״ʦÊÂÎñËùµÄ10000¸öÖ´·¨Îļþ£¬ £¬£¬°üÀ¨ÖøÃûÂÉËùClifford Chance£¬ £¬£¬SlaughterºÍMay ¡£¡£¡£¡£´Ë´Îй¶µÄÐÅÏ¢ÖÐÓÐÓû§Ãô¸ÐÐÅÏ¢£¬ £¬£¬Èç¹þÏ£ÃÜÂë¡¢Ö´·¨Îļþ¡¢»¤ÕÕºÅÂ롢ĸÇ×µÄÍâ¼ÒÐÕºÍÑÛ¾¦ÑÕɫ֮ÀàµÄÏêϸÐÅÏ¢£¬ £¬£¬»¹°üÀ¨ÖîÈçÓû§Ãû¡¢IDºÍ¹þÏ£ÃÜÂë¡¢ÑéÖ¤Âë¡¢¹«Ë¾ÏêϸÐÅÏ¢ºÍЧÀÍÓöÈÖ®ÀàµÄÊý¾Ý ¡£¡£¡£¡£AdvancedÇå¾²×ܼàÔòÌåÏÖ£¬ £¬£¬¸ÃÊÂÎñ×ß©µÄÊý¾ÝÔ­À´¾ÍÊǹûÕæµÄ£¬ £¬£¬ÔÚй¶µÄÖ´·¨ÎļþÖÐÏÕЩûÓпɱæ±ðµÄÐÅÏ¢ ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.cpomagazine.com/cyber-security/over-190-law-firms-affected-by-advanced-data-leak-that-exposed-over-10000-legal-documents/


4.AdobeÐû²¼½ôÆÈ´øÍâ¸üУ¬ £¬£¬ÐÞ¸´Ô¶³ÌÖ´ÐдúÂëÎó²î


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


5ÔÂ19ÈÕ£¬ £¬£¬AdobeÐû²¼ÁËËĸöÇå¾²¸üУ¬ £¬£¬ÆäÖÐÒ»¸öÐÞ¸´ÁËÑÏÖØµÄÔ¶³ÌÖ´ÐдúÂëÎó²î ¡£¡£¡£¡£´Ë´ÎÇå¾²¸üÐÂÐÞ¸´µÄ»®·ÖÊÇCharacter AnimatorÖеĻùÓÚ¿ÍÕ»µÄ»º³åÇøÒç³öÎó²î£¨CVE-2020-9586£©£¬ £¬£¬¿Éµ¼ÖÂÔ¶³ÌÖ´ÐÐí§Òâ´úÂ룻£»£»£»Adobe Premiere ProÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9616£©£¬ £¬£¬¿Éµ¼ÖÂÐÅϢй¶£»£»£»£»Adobe AuditionÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9618£©£¬ £¬£¬¿Éµ¼ÖÂÐÅϢй¶£»£»£»£»Premiere RushÖеÄÔ½½ç¶ÁÈ¡Îó²î£¨CVE-2020-9617£©¿Éµ¼ÖÂÐÅϢй¶ ¡£¡£¡£¡£Ç÷ÊÆ¿Æ¼¼ÌáÐÑÓû§£¬ £¬£¬×ÝÈ»ÕâЩ²¹¶¡ÔÚÐû²¼Ê±²¢Î´ÔÚҰʹÓ㬠£¬£¬¿ÉÊÇÓû§ÈÔÓ¦¾¡¿ìÉý¼¶µ½×îа汾 ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/adobe-releases-critical-out-of-band-security-update/


5.AndroidľÂíDenDroidµÄбäÖÖWolfRAT£¬ £¬£¬Õë¶ÔÌ©¹úÓû§


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


TalosÑо¿Ö°Ô±·¢Ã÷Ò»ÖÖÐÂÐÍľÂíWolfRAT£¬ £¬£¬¸ÃľÂíÊÇÒÆ¶¯Ô¶³Ì»á¼ûľÂí£¨RAT£©DenDroidµÄбäÖÖ£¬ £¬£¬Õë¶ÔµÄÊÇʹÓÃAndroidƽ̨ÉϵÄWhatsapp¡¢Facebook MessengerºÍLineµÈÓ¦ÓóÌÐòµÄÌ©¹úÓû§ ¡£¡£¡£¡£WolfRATͨ¹ýαÔì¸üÐÂÓÕʹÓû§Ê¹ÓÃFlashºÍGoogle PlayµÈÕýµ±Ð§ÀÍ£¬ £¬£¬´Ó¶ø×îÏÈÆäѬȾÁ´ ¡£¡£¡£¡£Ò»µ©Óû§ÊÜÆ­£¬ £¬£¬WolfRATÔò½«×Ô¼º×°ÖÃÔÚÄ¿µÄAndroid×°±¸Éϲ¢×îÏÈÌØ¹¤»î¶¯£¬ £¬£¬°üÀ¨ÍøÂç×°±¸Êý¾Ý¡¢ÅÄÉãÕÕÆ¬ºÍÊÓÆµ£¬ £¬£¬ÆÆËðSMSÐÂÎÅת´ï£¬ £¬£¬¼Í¼ÒôƵÒÔ¼°ÇÔÈ¡Îļþ²¢½«Æä´«Êäµ½C2 ¡£¡£¡£¡£Ñо¿Ö°Ô±»¹·¢Ã÷²¿·ÖC2λÓÚÌ©¹ú£¬ £¬£¬Ê¹ÓõÄÓòºÍÌ©¹úʳÎïÓйØ£¬ £¬£¬»¹·¢Ã÷ÁËÓÃÌ©Óï±àдµÄJavaScriptÏÂÁî ¡£¡£¡£¡£TalosÌåÏÖ£¬ £¬£¬¸Ã¶ñÒâÈí¼þ»¹ÔÚÒ»Ö±µÄ¿ª·¢ÖÐ ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/wolfrat-targets-users-of-whatsapp-facebook-messenger-apps-on-android-devices/


6.ÒÁÀʺڿÍ×éÖ¯Greenbug¹¥»÷Á˰ͻù˹̹µÄ3¼ÒµçÐŹ«Ë¾


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


¾ÝÍøÂçÇå¾²¹«Ë¾Symantec³Æ£¬ £¬£¬ÔÚÒÑÍùµÄ¼¸¸öÔÂÖУ¬ £¬£¬ÒÁÀʺڿÍ×éÖ¯GreenbugһֱDZÔÚÔÚ°Í»ù˹̹ÖÁÉÙ3¼ÒµçÐŹ«Ë¾µÄITϵͳÖÐ ¡£¡£¡£¡£¸ÃºÚ¿Í×éÖ¯Ò»Ö±ÔÚʹÓÃÐéÄâËíµÀ¼á³ÖÓëÊܺ¦»úеµÄÅþÁ¬£¬ £¬£¬²¢Ñ°ÕÒºÏÊʵÄʱʱ»ú¼ûÆäϵͳÖÐÊý¾Ý ¡£¡£¡£¡£¶øGreenbugÔÚ±»·¢Ã÷ºóÒ²Ò»Ö±Æð¾¢¼ÌÐøÇ±ÔÚÔÚÔÚ°Í»ù˹̹µçÐŹ«Ë¾ÍøÂçÖÐ ¡£¡£¡£¡£Symantec¸ß¼¶ÆÊÎöʦÇǶ÷¡¤Jon DiMaggioÌåÏÖ£¬ £¬£¬ºÚ¿ÍÖ®ÒÔÊÇÈëÇÖ²¢Ç±ÔÚÔÚÕâЩ¹«Ë¾µÄÍøÂ磬 £¬£¬ÊÇÓÉÓÚµçÐÅÊý¾Ý¿ÉÒÔΪÆäÌṩ´ó×ÚÐÅÏ¢ÒÔʵÏÖ¼àÊÓ°Í»ù˹̹µÄÄ¿µÄ ¡£¡£¡£¡£SymantecÌåÏÖ£¬ £¬£¬2019ÄêÒ»¹²ÓÐ18¸ö²î±ðµÄÓë¸÷¹úÕþ¸®ÓйصĺڿÍ×éÖ¯£¬ £¬£¬¶ÔµçÐŹ«Ë¾Õö¿ªÁ˹¥»÷ ¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.cyberscoop.com/greenbug-symantec-iran-hacking-pakistan/