ºÚ¿ÍʹÓõç×ÓÒøÐÐDaveÖÐÎó²îÇÔÈ¡750ÍòÓû§Êý¾Ý£»£»£»Ó¢¹úNCSCÖÒÑÔÕë¶ÔÌåÓý×éÖ¯µÄBECºÍÀÕË÷¹¥»÷

Ðû²¼Ê±¼ä 2020-07-27

1.ºÚ¿ÍʹÓõç×ÓÒøÐÐDaveÖÐÎó²î£¬£¬£¬£¬ÇÔÈ¡750ÍòÓû§Êý¾Ý



¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


µç×ÓÒøÐÐDaveÈÏ¿ÉÆäÓ¦Óñ£´æÇå¾²Îó²î£¬£¬£¬£¬²¢±»ºÚ¿ÍʹÓõ¼ÖÂ7516625Óû§Ïêϸй¶¡£ ¡£ ¡£¡£¡£¡£¡£DaveÌåÏÖ£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚÆä¹¤³ÌÍŶÓ֮ǰʹÓÃµÄÆÊÎöƽ̨Waydev¡£ ¡£ ¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬£¬DaveµÄй¶ÐÅÏ¢¿ÉÔÚ°µÍøÖÐÃâ·Ñ¾ÙÐлá¼û£¬£¬£¬£¬°üÀ¨ÕæÊµÐÕÃû¡¢µç»°ºÅÂë¡¢µç×ÓÓʼþ¡¢³öÉúÈÕÆÚ¡¢¼ÒͥסַÒÔ¼°bcrypt¼ÓÃܵÄÃÜÂ룬£¬£¬£¬Ä³Ð©ÐÅÏ¢Öл¹°üÀ¨ÒøÐп¨ÐÅÏ¢ºÍÉç»áÇå¾²ºÅÂë¡£ ¡£ ¡£¡£¡£¡£¡£¸Ã¹«Ë¾ÌåÏÖ£¬£¬£¬£¬ÏÖÔÚËûÃÇÒѾ­ÐÞ¸´Á˺ڿÍʹÓõÄÎó²î£¬£¬£¬£¬²¢½«´ËÊÂÎñ֪ͨ¿Í»§£¬£¬£¬£¬DaveÓ¦ÓõÄÃÜÂëÒ²½«±»ÖØÖᣠ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users/#ftag=RSSbaffb68


2.ÓÌËû´óѧ¿µ½¡ÖÐÐÄÔâ´¹ÂÚ¹¥»÷£¬£¬£¬£¬»¼ÕßÊý¾Ýй¶


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


ÓÌËû´óѧ¿µ½¡ÖÐÐÄ£¨U of U Health£©Ôâµ½´¹ÂÚ¹¥»÷£¬£¬£¬£¬µ¼Ö»¼ÕßÊý¾Ýй¶¡£ ¡£ ¡£¡£¡£¡£¡£2020Äê4ÔÂ6ÈÕÖÁ5ÔÂ22ÈÕ£¬£¬£¬£¬ºÚ¿Í¶ÔÓÌËû´óѧ¿µ½¡ÖÐÐĵÄÔ±¹¤µç×ÓÓʼþÕÊ»§Ìá³«ÍøÂç´¹ÂÚ¹¥»÷£¬£¬£¬£¬²¢¶ÔÕâЩÕË»§¾ÙÐв»·¨»á¼û¡£ ¡£ ¡£¡£¡£¡£¡£¾­ÓÉÊӲ죬£¬£¬£¬´Ë´Î¹¥»÷й¶ÁË»¼ÕßÐÕÃû¡¢³öÉúÈÕÆÚ¡¢²¡ÀúºÅÒÔ¼°Ó벿·ÖÁÙ´²ÐÅÏ¢¡£ ¡£ ¡£¡£¡£¡£¡£U of U HealthÓÚ½ñÄêÔçЩʱҲÔâµ½¹ýÀàËÆµÄ¹¥»÷ÊÂÎñ£¬£¬£¬£¬×ÔÄÇʱÒÔÀ´Ò»Ö±ÖÂÁ¦ÓÚÇå¾²ÐÔµÄÔöÇ¿¡£ ¡£ ¡£¡£¡£¡£¡£¸Ã´óѧ¶Ô´ËÊÂÎñµÄÊÓ²ìÕýÔÚ¾ÙÐÐÖУ¬£¬£¬£¬²¢ÌåÏÖ»áÔöÇ¿ÐÅÏ¢Çå¾²³ÌÐò¡£ ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://healthcare.utah.edu/publicaffairs/news/2020/06/data-breach.php


3.Ó¢¹úNCSCÖÒÑÔÕë¶ÔÌåÓý×éÖ¯µÄBECºÍÀÕË÷¹¥»÷


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


Ó¢¹ú¹ú¼ÒÍøÂçÇå¾²ÖÐÐÄ£¨NCSC£©ÖÒÑÔÕë¶ÔÌåÓý×éÖ¯ºÍÇò¶Ó£¨°üÀ¨Ó¢³¬×ãÇò¾ãÀÖ²¿£©µÄÀÕË÷Èí¼þ¹¥»÷¡¢ÍøÂç´¹ÂÚ¹¥»÷ÒÔ¼°ÉÌÒµµç×ÓÓʼþÍ×Э£¨BEC£©Ú²Æ­´øÀ´µÄÈÕÒæÔöÌíµÄΣº¦¡£ ¡£ ¡£¡£¡£¡£¡£¾ÝIpsos MORIÊÓ²ìµÃ³öµÄÊý¾Ý£¬£¬£¬£¬ÖÁÉÙ70£¥µÄÌåÓý×éÖ¯ÔÚÈ¥ÄêÂÄÀúÁËÊý¾Ýй¶»òÍøÂç¹¥»÷ÊÂÎñ£¬£¬£¬£¬ÆäÖеÄ30£¥ÔÚ´Ëʱ´ú¼Í¼ÁË5´ÎÒÔÉϹ¥»÷£¬£¬£¬£¬±ÈÓ¢¹úÆóÒµµÄƽ¾ùÖµºá¿çÒ»±¶¡£ ¡£ ¡£¡£¡£¡£¡£ÔÚÕâЩ¹¥»÷ÊÂÎñÖУ¬£¬£¬£¬Ô¼Äª30£¥µÄ×é֯ƽ¾ù¾­¼ÃËðʧҲµÖ´ïÁË10000Ó¢°÷£¨12700ÃÀÔª£©£¬£¬£¬£¬ÆäÖÐ×î´óµÄµ¥ÏîËðʧÁè¼Ý400ÍòÓ¢°÷£¨¿ìÒª5100000ÃÀÔª£©¡£ ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/uk-govt-warns-of-ransomware-bec-attacks-against-sports-sector/


4.еÄShadow¹¥»÷¿É¸ü¸Ä¾­ÓÉÊý×ÖÊðÃûµÄPDFÎļþ


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


µÂ¹ú²¨ºè´óѧ£¨Ruhr-University Bochum£©µÄÑо¿Ö°Ô±Ðû²¼±¨¸æ£¬£¬£¬£¬·¢Ã÷еÄShadow¹¥»÷¿É¸ü¸Ä¾­ÓÉÊý×ÖÊðÃûµÄPDFÎļþ£¬£¬£¬£¬¸Ã¹¥»÷·½·¨¿ÉÓ°ÏìAdobe Acrobat Pro¡¢Adobe Acrobat Reader¡¢Perfect PDF¡¢Foxit Reader¡¢PDFelementµÈÓ¦Óᣠ¡£ ¡£¡£¡£¡£¡£¸Ã¹¥»÷±³ºóµÄÖ÷ҪͷÄÔÊÇÊÓͼ²ãµÄ¿´·¨£¬£¬£¬£¬¼´ÔÚPDFÎĵµÖÐÏà»¥ÖØµþµÄ²î±ðÄÚÈݼ¯¡£ ¡£ ¡£¡£¡£¡£¡£ºÚ¿Í½«¾ßÓвî±ð²ãµÄÎĵµ·¢Ë͸øÊܺ¦Õߣ¬£¬£¬£¬Êܺ¦Õß»áÔÚÎĵµµÄ×îÉÏÃæÒ»²ã¾ÙÐÐÊý×ÖÊðÃû£¬£¬£¬£¬¿ÉÊǵ±¹¥»÷ÕßÊÕµ½Ëüʱ£¬£¬£¬£¬»á½«ÁíÒ»²ã¸ü¸ÄΪ¿É¼û²ã¡£ ¡£ ¡£¡£¡£¡£¡£¸Ã¹¥»÷ÔÊÐí¹¥»÷ÕßÔÚ²»Í»ÆÆ¼ÓÃÜÊðÃûµÄÇéÐÎ϶ԾßÓÐÖ´·¨Ô¼ÊøÁ¦µÄÎļþ¾ÙÐжñÒâ²Ù×÷¡£ ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/new-shadow-attack-can-replace-content-in-digitally-signed-pdf-files/


5.Ñо¿Ö°Ô±·¢Ã÷¿ÉÔÚAlexaÊÐËÁÉÏ´«234ÏîÎ¥·´Õþ²ßµÄÓ¦ÓÃ


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


ÔÚΪÆÚ12¸öÔµÄAlexaÓ¦ÓÃÊÐËÁÉó²éÖУ¬£¬£¬£¬Ñо¿Ö°Ô±×ܹ²ÊµÑéÉÏ´«234ÏîÎ¥·´Õþ²ßµÄAlexaÓ¦ÓóÌÐò£¬£¬£¬£¬×îÖÕ»ñµÃÀֳɲ¢Î´Óöµ½ºÜ´óµÄÄÑÌâ¡£ ¡£ ¡£¡£¡£¡£¡£¸ÃÑо¿Ð¡×éÌåÏÖ£¬£¬£¬£¬ÔÚÊ×´ÎÌύʱÀÖ³ÉÈÏÖ¤ÁË193ÖÖÓ¦Ó㬣¬£¬£¬²¢ÓÐ41ÖÖ±»¾Ü¾ø¡£ ¡£ ¡£¡£¡£¡£¡£µ«ËæºóÔÚµÚ¶þ´ÎʵÑéÖ®ºó£¬£¬£¬£¬ÕâЩӦÓÃËùÓÐÉÏ´«Àֳɡ£ ¡£ ¡£¡£¡£¡£¡£ÔÚ´Ë´ÎʵÑéÖУ¬£¬£¬£¬Ñо¿Ö°Ô±ÉÏ´«µÄÓ¦ÓÿÉÓÃÀ´ÍøÂç˽ÈËÐÅÏ¢£¬£¬£¬£¬²¢Ã¶¾ÙÁ˲¿·Ö¿ÉÄܵ¼Ö¶ñÒâÓ¦ÓÃÉÏ´«µÄÔµ¹ÊÔ­ÓÉ£¬£¬£¬£¬°üÀ¨¼ì²é·×ÆçÖ¡¢ÓÐÏÞµÄÓïÒô¼ì²é¡¢¶Ô¿ª·¢Ö°Ô±µÄÌ«¹ýÐÅÈΡ¢ÈÏÖ¤Àú³ÌÉæ¼°µ½ÈËÀàºÍÉó²éÀú³Ì²»·ó³¹µ×µÈÎÊÌâ¡£ ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/academics-smuggle-234-policy-violating-skills-on-the-alexa-skills-store/#ftag=RSSbaffb68


6.TransUnionͳ¼ÆÓÐ27£¥ÏûºÄÕßÔâµ½COVID-19Ö÷Ìâ´¹ÂÚ¹¥»÷


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


TransUnionÐû²¼±¨¸æ£¬£¬£¬£¬´¹ÂÚ¹¥»÷ÊÇÓëCOVID-19ÓйصÄ×îÑÏÖØµÄÊý×ÖڲƭÊֶΣ¬£¬£¬£¬¾Ýͳ¼ÆÓÐ27£¥ÏûºÄÕßÔâµ½ÒÔCOVID-19ΪÖ÷Ìâ´¹ÂÚ¹¥»÷¡£ ¡£ ¡£¡£¡£¡£¡£TransUnion¸ß¼¶¸±×ܲÃShai CohenÌåÏÖ£¬£¬£¬£¬Éí·ÝڲƭÊǹ¥»÷ÕßʹÓÃÍøÂç´¹ÂÚºÍÆäËûÉç»á¹¤³Ì¹¥»÷ÇÔ×÷·ÏºÄÕßÊý¾ÝµÄÖ÷Òª·½·¨¡£ ¡£ ¡£¡£¡£¡£¡£ÔÚ2020Äê6ÔÂ30ÈÕÖÁ7ÔÂ6ÈÕÖ®¼ä¶Ô¼ÓÄô󡢸çÂ×±ÈÑÇ¡¢Ïã¸Û¡¢ÄÏ·Ç¡¢Ó¢¹úºÍÃÀ¹úµÄ7384ÃûÊÜ·ÃÕß¾ÙÐÐÊӲ죬£¬£¬£¬ÆäÖÐÓÐ32£¥µÄÈËÌåÏÖËûÃÇÒÑÔâµ½ÓëCOVID-19ÓйصÄÊý×Öڲƭ£¬£¬£¬£¬Ö÷Òª·½·¨Îª´¹ÂÚ¹¥»÷¡¢ÍøÉÏÊÐËÁڲƭºÍ´ÈÉÆÚ²Æ­µÈ¡£ ¡£ ¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.helpnetsecurity.com/2020/07/24/pandemic-themed-phishing-scams/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29