TikTok·ñ¶¨ÆäÔâµ½¹¥»÷ºóÔ´´úÂëºÍÓû§Êý¾Ý±»µÁµÄ˵·¨
Ðû²¼Ê±¼ä 2022-09-07
¾ÝýÌå9ÔÂ5ÈÕ±¨µÀ£¬£¬£¬£¬ÃûΪAgainstTheWestµÄºÚ¿ÍÍÅ»ïÉù³ÆÒÑÈëÇÖTikTokºÍ΢ÐÅ£¬£¬£¬£¬²¢Ðû²¼ÁËËùνÊý¾Ý¿âµÄ½ØÍ¼¡£¡£¡£¡£¡£ËûÃÇ˵¸ÃÊý¾Ý¿âÊÇÔÚÒ»¸ö°¢ÀïÔÆÊµÀýÉÏ»á¼ûµÄ£¬£¬£¬£¬°üÀ¨20.5ÒÚÌõ¼Í¼£¬£¬£¬£¬Éæ¼°Óû§Êý¾Ý¡¢Æ½Ì¨Í³¼ÆÐÅÏ¢¡¢Èí¼þ´úÂë¡¢cookie¡¢Éí·ÝÑéÖ¤ÁîÅÆºÍЧÀÍÆ÷ÐÅÏ¢µÈ¡£¡£¡£¡£¡£TikTok·ñ¶¨ÁËÆä±»ºÚ¿ÍÈëÇÖµÄ˵·¨£¬£¬£¬£¬²¢ÌåÏÖ¹¥»÷Õß¹ûÕæµÄµÄÔ´´úÂë²»ÊÇÆäÆ½Ì¨µÄÒ»²¿·Ö¡£¡£¡£¡£¡£±ðµÄ£¬£¬£¬£¬AgaintTheWest µÄÕ˺ÅÒѱ»Í£Ó㬣¬£¬£¬ºÚ¿ÍÂÛ̳BreachÖ¸³öй¶Êý¾Ý²¢·ÇÀ´×ÔTikTok£¬£¬£¬£¬²¢ÇÒ¹¥»÷Õß¿ÉÄÜÔÚ˵»Ñ¡£¡£¡£¡£¡£
https://www.bleepingcomputer.com/news/security/tiktok-denies-security-breach-after-hackers-leak-user-data-source-code/
2¡¢InstagramÒòÎ¥·´GDPRÀÄÓöùͯÊý¾Ý±»°®¶ûÀ¼·£¿£¿£¿£¿£¿î4ÒÚÃÀÔª
¾Ý9ÔÂ6ÈÕ±¨µÀ£¬£¬£¬£¬InstagramÒòÎ¥·´GDPR±»°®¶ûÀ¼Êý¾Ý±£»£»£»£»£»£»¤Î¯Ô±»á(DPC)·£¿£¿£¿£¿£¿î4.02ÒÚÃÀÔª¡£¡£¡£¡£¡£DPCÌåÏÖ£¬£¬£¬£¬InstagramÔÊÐí13-17ËêµÄ¶ùͯ½¨ÉèÉÌÒµÕË»§£¬£¬£¬£¬Õâ¿ÉʹÕâЩ¶ùͯµÄÐÅÏ¢±»¹ûÕæ¡£¡£¡£¡£¡£²¢ÇÒÆäÓû§×¢²áϵͳÖжùͯÓû§µÄÕÊ»§Ä¬ÈÏÉèÖÃΪ¹ûÕæ£¬£¬£¬£¬´Ó¶ø¹ûÕæÁË´ËÀàÓû§µÄÉ罻ýÌåÄÚÈÝ£¬£¬£¬£¬Óû§±ØÐèÊÖ¶¯½«ÕÊ»§ÉèÖÃΪ˽ÈË¡£¡£¡£¡£¡£InstagramµÄĸ¹«Ë¾Meta¶Ô·£¿£¿£¿£¿£¿îµÄÅÌËã·½·¨Ìá³öÒìÒ飬£¬£¬£¬³ÆÆä²»ÇкÏGDPRµÄÎı¾£¬£¬£¬£¬µ¼Ö·£¿£¿£¿£¿£¿îÏÔןßÓÚÆäËüÓëGDPRÏà¹ØµÄ·£¿£¿£¿£¿£¿î£¬£¬£¬£¬²¢ÍýÏë¶Ô¸ÃÖ¸¿ØÌá³öÉÏËß¡£¡£¡£¡£¡£
https://therecord.media/instagram-appealing-400-million-fine-from-ireland-data-privacy-org-over-gdpr-violations/
3¡¢ResecurityÔÚ°µÍø·¢Ã÷¿ÉÈÆ¹ýMFAµÄEvilProxy PhaaS
9ÔÂ5ÈÕ£¬£¬£¬£¬ResecurityÅû¶ÁËеÄÍøÂç´¹ÂÚ¼´Ð§ÀÍ(PaaS)ƽ̨EvilProxy¡£¡£¡£¡£¡£ÔÚijЩÇéÐÎÏÂËüµÄÌæ»»Ãû³ÆÊÇMoloch£¬£¬£¬£¬Óë֮ǰÕë¶Ô½ðÈÚ»ú¹¹ºÍµçÉÌÐÐÒµµÄ¼¸¸ö³£¼ûµÄ´¹ÂÚ¹¤¾ß°üÓÐijÖÖÁªÏµ¡£¡£¡£¡£¡£EvilProxyÓÚ2022Äê5ÔÂÉÏÑ®Ê״α»¼ì²âµ½£¬£¬£¬£¬Ñо¿Ö°Ô±ÌåÏÖÏñEvilProxyÕâÑùµÄ²úÆ·»¯Ð§ÀÍ¿ÉÓÃÀ´×î´ó¹æÄ£µØ¹¥»÷ÆôÓÃÁËMFAµÄÓû§£¬£¬£¬£¬¶øÎÞÐèÆÆ½âÉÏÓÎЧÀÍ¡£¡£¡£¡£¡£¹¥»÷ÕßʹÓ÷´ÏòÊðÀíºÍCookie×¢ÈëµÄÒªÁìÈÆ¹ý2FAÉí·ÝÑéÖ¤£¬£¬£¬£¬´ËÀàÒªÁìÔÚAPTºÍÌØ¹¤¹¥»÷µÈÓÐÕë¶ÔÐԵĻÖо³£¼ûµ½¡£¡£¡£¡£¡£ÖµµÃ×¢ÖØµÄÊÇ£¬£¬£¬£¬EvilProxy»¹Ö§³ÖÕë¶ÔPyPiµÄ´¹ÂÚ¹¥»÷¡£¡£¡£¡£¡£
https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web
4¡¢¹ú¼ÊÐ̾¯×éÖ¯·¢Ã÷²¢Àֳɵ·»Ùij¿ç¹úÊý×ÖÀÕË÷ÍÅ»ï
ýÌå9ÔÂ5Èճƣ¬£¬£¬£¬¹ú¼ÊÐ̾¯×éÖ¯µÄÍøÂç·¸·¨²¿·ÖÓëÐÂ¼ÓÆÂºÍÖйúÏã¸Û¾¯·½ÁªºÏÊÓ²ìºó£¬£¬£¬£¬·¢Ã÷²¢Àֳɵ·»Ùij¿ç¹úÊý×ÖÀÕË÷ÍŻ¡£¡£¡£¡£ÊÓ²ìÖ°Ô±·¢Ã÷¹¥»÷Õßͨ¹ýÔÚÏßÉ«ÇéÆ½Ì¨ºÍÔ¼»áƽ̨ҪÇóÄ¿µÄÏÂÔØ¶ñÒâÒÆ¶¯Ó¦Óò¢¾ÙÐÐÂãÁÄ£¬£¬£¬£¬È»ºó¸Ã¶ñÒâÓ¦ÓûáÇÔÈ¡ËûÃÇÊÖ»úÁªÏµÈËÁбíÖеÄÄÚÈÝ£¬£¬£¬£¬¹¥»÷Õß»áʹÓÃÕâЩÐÅÏ¢À´Ú²ÆÄ¿µÄ£¬£¬£¬£¬ÍþвҪÓëËûÃÇͨѶ¼ÖеÄÇ×ÓÑ·ÖÏíÕâЩÊÓÆµ¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬£¬12ÃûÉæÏÓÊǸÃÍŻケµã³ÉÔ±µÄÏÓÒÉÈËÒÑÓÚ7ÔºÍ8Ô±»²¶¡£¡£¡£¡£¡£¹ú¼ÊÐ̾¯×éÖ¯ÌåÏÖ£¬£¬£¬£¬½üÄêÀ´Êý×ÖÀÕË÷µÄ±¨¸æ¼±¾çÔöÌí£¬£¬£¬£¬¶øCOVID-19¼Ó¾çÁËÕâÖÖÔöÌí¡£¡£¡£¡£¡£
https://www.bleepingcomputer.com/news/security/interpol-dismantles-sextortion-ring-warns-of-increased-attacks/
5¡¢NCC͸¶ÐÂSharkBot±äÖÖÔÙ´ÎÈÆ¹ýGoogle PlayµÄ¼ì²â
¾ÝýÌå9ÔÂ5Èճƣ¬£¬£¬£¬NCC GroupÑо¿Ö°Ô±ÔÚGoogle Play StoreÖз¢Ã÷ÁËеÄSharkBot±äÖÖ¡£¡£¡£¡£¡£ÐµÄSharkBot dropper²»ÒÀÀµAccessibilityȨÏÞÀ´×Ô¶¯Ö´ÐÐ×°Ö㬣¬£¬£¬Ïà·´£¬£¬£¬£¬Õâ¸öбäÌåÒªÇóÄ¿µÄ½«¸Ã¶ñÒâÈí¼þ×÷Ϊһ¸öÐéα¸üÐÂÀ´×°Öᣡ£¡£¡£¡£ÓÐÎÊÌâµÄÁ½¸öÓ¦ÓóÌÐòΪMister Phone CleanerºÍKylhavy Mobile Security£¬£¬£¬£¬×°ÖÃÁ¿»®·ÖΪ10000ºÍ50000£¬£¬£¬£¬Ö÷ÒªÕë¶ÔÎ÷°àÑÀ¡¢°Ä´óÀûÑÇ¡¢²¨À¼¡¢µÂ¹ú¡¢ÃÀ¹úºÍ°ÂµØÀûµÄÓû§¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬£¬ÊÜÓ°ÏìÓ¦ÓÃÒÑ´ÓGoogle PlayÖÐɾ³ý£¬£¬£¬£¬µ«ÒÑ×°ÖõÄÓû§ÈÔÃæÁÙΣº¦£¬£¬£¬£¬Ó¦ÊÖ¶¯É¾³ýËüÃÇ¡£¡£¡£¡£¡£
https://securityaffairs.co/wordpress/135303/malware/sharkbot-variant-google-play.html
6¡¢KasperskyÐû²¼2021ÄêÍøÂçÇå¾²ÊÂÎñÏìÓ¦µÄÆÊÎö±¨¸æ
9ÔÂ5ÈÕ£¬£¬£¬£¬KasperskyÐû²¼ÁË2021ÄêÍøÂçÇå¾²ÊÂÎñÏìÓ¦µÄÆÊÎö±¨¸æ¡£¡£¡£¡£¡£ÔÚ¸ÃÄê¶ÈÊÂÎñÏìÓ¦±¨¸æÖУ¬£¬£¬£¬Ñо¿Ö°Ô±Æ¾Ö¤¶ÔÇå¾²ÊÂÎñµÄÊÓ²ì¹ûÕæÁË×îз¢Ã÷ºÍͳ¼ÆÊý¾Ý¡£¡£¡£¡£¡£ÔÚ2021Ä꣬£¬£¬£¬´ó´ó¶¼ÊÂÎñÏìӦЧÀÍÇëÇóÀ´×ÔÔÚÅ·ÖÞ (30.1%)¡¢CIS(24.7%)ºÍÖж«(23.7%)£»£»£»£»£»£»¹¤Òµ(30.1%)¡¢Õþ¸®(19.4%)ºÍ½ðÈÚ(12.9%)ÐÐÒµµÄ×éÖ¯ÈÔÈ»ÊÇ×î¾ßÕë¶ÔÐÔµÄ×éÖ¯£»£»£»£»£»£»ÔÚ53.6%µÄ°¸ÀýÖУ¬£¬£¬£¬Ê¹ÓÃÃæÏò¹«ÖÚµÄÓ¦ÓóÌÐòÖеÄÎó²îÊÇ×î³õµÄѬȾǰÑÔ£»£»£»£»£»£»ÔÚ40%µÄÊÂÎñÖУ¬£¬£¬£¬¹¥»÷ÕßʹÓÃÁËÕýµ±¹¤¾ß¡£¡£¡£¡£¡£
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/09/02120838/Kaspersky-The-nature-of-cyber-incidents_v11-1.pdf