Google NestЧÀÍÖÐÖ¹µ¼ÖÂÎ÷Å·Óû§ÖÇÄܼҾÓʧÁ飻£»£»£»£»£»ºÚ¿Í¿ÉʹÓÃ˼¿ÆWebexÖÐÎó²îÒþ²ØµØ¼ÓÈë¾Û»á
Ðû²¼Ê±¼ä 2020-11-19±¾ÖܶþGoogle NestЧÀÍ´ó¹æÄ£ÖÐÖ¹£¬£¬£¬£¬£¬£¬£¬µ¼Ö±±ÃÀºÍÅ·ÖÞÓû§ÖÇÄܼҾÓʧÁé¡£¡£¡£ÖܶþÆÆÏþ£¬£¬£¬£¬£¬£¬£¬¹È¸è×ܲ¿Ðû²¼ÐÂÎųƣ¬£¬£¬£¬£¬£¬£¬Æä·¢Ã÷Ò»¸öÎÊÌâ»áÓ°Ïì¹È¸èNest×°±¸ºÍNestÓ¦Óᣡ£¡£¸ÃÎÊÌâµ¼ÖÂÖÇÄܼҾÓÓû§ÎÞ·¨µÇ¼ÆäÕË»§£¬£¬£¬£¬£¬£¬£¬ÎÞ·¨Ê¹ÓÃÖÇÄÜÊÖ»úԢĿÊÓÆµÖ±²¥£¬£¬£¬£¬£¬£¬£¬ÎÞ·¨µ÷½âºãοØÖÆÆ÷£¬£¬£¬£¬£¬£¬£¬Ò²ÎÞ·¨ÓëNestµÄÈκÎϵÁвúÆ·»¥¶¯£¬£¬£¬£¬£¬£¬£¬ÆäÖб±ÃÀºÍ±±Å·µÄÓû§Êܵ½µÄÓ°Ïì×î´ó¡£¡£¡£×Åʵ£¬£¬£¬£¬£¬£¬£¬¸ÃЧÀÍÔÚ2ÔÂÒ²±¬·¢ÁËÀàËÆµÄÖÐÖ¹£¬£¬£¬£¬£¬£¬£¬Ò»Á¬ÁË16¸öСʱ¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.theregister.com/2020/11/17/google_nest_outage/
2.ºÚ¿Í¿ÉʹÓÃ˼¿ÆWebexÖÐÎó²îÒþ²ØµØ¼ÓÈë¾Û»á
ºÚ¿Í¿ÉʹÓÃ˼¿ÆWebexÊÓÆµ¾Û»áÓ¦ÓÃÖеÄÈý¸öÎó²î£¬£¬£¬£¬£¬£¬£¬ÒÔÐéαÓû§µÄÉí·ÝDZÈë²¢¼ÓÈëWebex¾Û»á£¬£¬£¬£¬£¬£¬£¬¶øÆäËû¼ÓÈëÕß¿´²»µ½¡£¡£¡£IBMÑо¿Ö°Ô±ÌåÏÖ£¬£¬£¬£¬£¬£¬£¬ÕâЩÎó²î±£´æÓÚ½¨ÉèеÄWebex¾Û»áʱµÄÎÕÊÖÀú³ÌÖУ¬£¬£¬£¬£¬£¬£¬±»×·×ÙΪCVE-2020-3441¡¢CVE-2020-3471ºÍCVE-2020-3419¡£¡£¡£¹¥»÷ÕßÁ¬ÏµÊ¹ÓÿÉÒÔÓÄÁéÓû§Éí·Ý¼ÓÈëWebex¾Û»á£¬£¬£¬£¬£¬£¬£¬²¢¶ÔÆäËûÓë»áÕß²»¿É¼û£»£»£»£»£»£»ÔÚ±»ÌߺóÈÔÁôÔÚ·¿¼äÄÚ£»£»£»£»£»£»»ñÈ¡Óйؾۻá¼ÓÈëÕßµÄÐÅÏ¢£¬£¬£¬£¬£¬£¬£¬ÀýÈçÐÕÃû¡¢µç×ÓÓʼþµØµãºÍIPµØµã¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/cisco-webex-bugs-allow-attackers-to-join-meetings-as-ghost-users/
3.жñÒâÈí¼þChaesÃé×¼MercadoLivreÇÔÈ¡²ÆÎñÐÅÏ¢
Cybereason NocturnusÑо¿Ö°Ô±·¢Ã÷жñÒâÈí¼þChaesÃé×¼ÁËÀ¶¡ÃÀÖ޵ĵçÉÌÆ½Ì¨MercadoLivre£¬£¬£¬£¬£¬£¬£¬Ö¼ÔÚÇÔÈ¡²ÆÎñÐÅÏ¢¡£¡£¡£ChaesÓÚ2020ÄêβÊ״α»·¢Ã÷£¬£¬£¬£¬£¬£¬£¬ÆäÒÔMercadoLivre¹ºÖÃÀÖ³ÉΪÖ÷Ìâͨ¹ýÍøÂç´¹Âڻ¾ÙÐÐÈö²¥¡£¡£¡£±ðµÄ£¬£¬£¬£¬£¬£¬£¬ÎªÁËÔöÌíµç×ÓÓʼþµÄÕýµ±ÐÔ£¬£¬£¬£¬£¬£¬£¬ºÚ¿Í»¹Ìí¼ÓÁËAvastɨÃè½Å×¢¡£¡£¡£¸Ã¶ñÒâÈí¼þαװ³ÉÕýµ±Àú³ÌµÄÄ£¿£¿£¿£¿éÒÔÇÔȡϵͳÐÅÏ¢£¬£¬£¬£¬£¬£¬£¬²¢´ÓGoogle Chromeä¯ÀÀÆ÷»á»°ÖÐÌáÈ¡Ãô¸ÐÐÅÏ¢£¬£¬£¬£¬£¬£¬£¬Ö¼ÔÚÇÔÈ¡ÔÚÏßÕÊ»§µÄµÇ¼ƾ֤ºÍ²ÆÎñÐÅÏ¢¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/chaes-malware-strikes-customers-of-latin-americas-largest-e-commerce-platform/
4.ÐÂAPT FunnyDreamÕë¶Ô¶«ÄÏÑÇ£¬£¬£¬£¬£¬£¬£¬ÒÑѬȾ200¶à¸öϵͳ
Çå¾²¹«Ë¾BitdefenderÅû¶ÐÂAPT×éÖ¯FunnyDreamÕë¶Ô¶«ÄÏÑÇ£¬£¬£¬£¬£¬£¬£¬ÒÑѬȾ200¶à¸öϵͳ¡£¡£¡£¸Ã×éÖ¯Ö÷ÒªÕë¶Ô¶«ÄÏÑǹú¼ÒÕþ¸®£¬£¬£¬£¬£¬£¬£¬Ö÷Òª´ÓÊÂÉæ¼°µ½¹ú¼ÒÇå¾²ºÍ¹¤ÒµµÄÍøÂçÌØ¹¤»î¶¯¡£¡£¡£Æ¾Ö¤BitdefenderÊý¾Ý£¬£¬£¬£¬£¬£¬£¬¸Ã×éÖ¯×ܹ²Ê¹ÓÃÁËÈýÖÖ¶ñÒâÈí¼þ£¬£¬£¬£¬£¬£¬£¬Ê×ÏȰ²ÅÅChinoxy×÷Ϊ³õʼ»á¼ûµÄÒ»¸ö¼òÆÓºóÃÅ£¬£¬£¬£¬£¬£¬£¬È»ºóͨ¹ýÆä°²ÅÅ¿ªÔ´Ô¶³Ì»á¼ûľÂíPCShare£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚ̽²âÊÜѬȾµÄÖ÷»ú£¬£¬£¬£¬£¬£¬£¬×îºó°²ÅÅÓÃÓÚÊý¾ÝÍøÂçºÍÊý¾Ý×ß©FunnyDream¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/more-than-200-systems-infected-by-new-chinese-apt-funnydream/
5.¶íÂÞ˹Sberbank³Æ2020Äê¸Ã¹ú½«ÒòÍøÂç·¸·¨Ëðʧ440ÒÚÃÀÔª
¶íÂÞ˹¹úÓÐÒøÐÐSberbank³Æ2020Äê¸Ã¹ú½«ÒòÍøÂç·¸·¨Ëðʧ440ÒÚÃÀÔª¡£¡£¡£¸ÃÐÐÌåÏÖ£¬£¬£¬£¬£¬£¬£¬ÓÉCOVID-19Òý·¢µÄ´ÓÊÐËÁÏÖ½ðÉúÒâÏòÊý×ÖÖ§¸¶µÄת±ä£¬£¬£¬£¬£¬£¬£¬¼Ó¾çÁËÇå¾²Òþ»¼¡£¡£¡£ÄÚÕþ²¿Ê®ÔÂÐû²¼µÄÊý¾ÝÏÔʾ£¬£¬£¬£¬£¬£¬£¬¶íÂÞ˹ÓëÒøÐп¨Óйص폷¨ÊýÄ¿ÔÚ2020ÄêÔöÌíÁË500£¥¡£¡£¡£Sberbank¸±Ö÷ϯ³ÆÆäƽ¾ùÌìÌì±ØÐè´¦Öóͷ£260ÒÚ´ÎÍøÂçÇå¾²ÊÂÎñ£¬£¬£¬£¬£¬£¬£¬²¢ÆÊÎöµÀÍøÂç·¸·¨µÄÔöÌí¿ÉÄÜÊÇÓÉÓÚ¶íÂÞ˹ÈõÊÆ¹«Ãñ¶ÔÔÚÏßڲƺÍÚ²ÆÊÖ¶ÎÈÏ֪ȱ·¦¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.infosecurity-magazine.com/news/sberbank-prediction-2020/
6.Managed.comѬȾÀÕË÷Èí¼þµ¼Ö²¿·ÖЧÀÍÆ÷å´»ú
11ÔÂ16ÈÕ£¬£¬£¬£¬£¬£¬£¬WebÍйÜЧÀÍÌṩÉÌManaged.comѬȾÀÕË÷Èí¼þµ¼Ö²¿·ÖЧÀÍÆ÷å´»ú¡£¡£¡£´Ë´Î¹¥»÷Ó°ÏìÁ˸ù«Ë¾ÃæÏò¹«ÖÚµÄWebÍйÜϵͳ£¬£¬£¬£¬£¬£¬£¬µ¼ÖÂijЩ¿Í»§Õ¾µãµÄÊý¾Ý±»¼ÓÃÜ¡£¡£¡£Õû¸öÍøÂçÍйܻù´¡ÉèÊ©ÔÚ¹¥»÷±¬·¢ÊýСʱºó±»´Ý»Ù£¬£¬£¬£¬£¬£¬£¬ÆäÖÐÕâ°üÀ¨WordPressºÍDotNetNukeÖÎÀíÖ÷»ú½â¾ö¼Æ»®¡¢µç×ÓÓʼþЧÀÍÆ÷¡¢DNSЧÀÍÆ÷¡¢RDP»á¼ûµã¡¢FTPЧÀÍÆ÷ºÍÔÚÏßÊý¾Ý¿â£¬£¬£¬£¬£¬£¬£¬¸Ã¹«Ë¾ÏÖÔÚÕýÔÚÆð¾¢»Ö¸´¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/web-hosting-provider-managed-shuts-down-after-ransomware-attack/