¡¶Î¬ËûÃü¡·ÖðÈÕÇå¾²¼òѶ20180614

Ðû²¼Ê±¼ä 2018-06-14
¡¾Êý¾Ýй¶¡¿ÁãÊÛ¹«Ë¾Dixons CarphoneÔâºÚ¿ÍÈëÇÖ£¬Ô¼590ÍòÓû§µÄÐÅÓÿ¨ÐÅϢй¶


ÁãÊÛ¹«Ë¾Dixons CarphoneÅû¶һ¸öÉæ¼°Ô¼590ÍòÕÅÐÅÓÿ¨ºÍ120ÍòÌõСÎÒ˽¼ÒÊý¾Ý¼Í¼µÄÇå¾²ÊÂÎñ¡£¸Ã¹«Ë¾³ÆºÚ¿Í»á¼ûÁË´æ´¢ÔÚÆäCurrys PC WorldºÍDixons TravelÊÐËÁµÄϵͳÖеÄÔ¼590ÍòÕÅÐÅÓÿ¨Êý¾Ý£¬ÆäÖÐ580ÍòÕÅÐÅÓÿ¨¾ßÓÐоƬºÍPINÂë± £»¤£¬ÕâÒâζןڿͻñÈ¡µÄÊý¾Ý¼ÈûÓаüÀ¨PINÂë¡¢CVV£¬Ò²Ã»ÓаüÀ¨ÈκοÉÒÔ¾ÙÐгֿ¨ÈËʶ±ðºÍ¹ºÖÃÐÐΪµÄÑéÖ¤Êý¾Ý¡£¸Ã¹«Ë¾ÕýÔÚÁªÏµÊÜÓ°ÏìµÄÓû§£¬²¢ÏòËûÃǸøÓ轨Òé¡£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/73479/data-breach/dixons-carphone-hacked.html




¡¾ÍþвÇ鱨¡¿Ñо¿Ö°Ô±·¢Ã÷MacµÄÇå¾²¹¤¾ß±£´æbug£¬¿ÉÔÊÐí¶ñÒâÈí¼þαװ³ÉÕýµ±µÄAppleÈí¼þ


ƾ֤OktaÇå¾²Ñо¿Ö°Ô±Josh PittsÐû²¼µÄÑо¿±¨¸æ£¬µÚÈý·½Ó¦ÓóÌÐòÖеÄÎó²î¿Éµ¼Ö¶ñÒâÈí¼þαװ³ÉÓÉAppleÊðÃûµÄÕýµ±³ÌÐò£¬À´×ÔFacebook¡¢Google¡¢VirusTotalµÈµÄµÚÈý·½MacÇå¾²³ÌÐò¶¼ÊÜÓ°Ïì¡£¸ÃÎó²îÊÇÓÉÓÚÓ¦ÓóÌÐòûÓÐ׼ȷµØ¼ì²é¿ÉÖ´ÐÐÎļþ£¨FatÎļþ£©µÄÊðÃûµ¼ÖµÄ£¬Apple³ÆÕâÊÇÒ»¸öÓëµÚÈý·½¿ª·¢Ö°Ô±Ïà¹ØµÄÎó²î¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/mac-security-tool-bugs-allow-malware-to-appear-as-apple-software/




¡¾ÍþвÇ鱨¡¿Ñо¿ÍŶӷ¢Ã÷APT27Õë¶ÔÖÐÑǵØÇøµÄ¹ú¼ÒÊý¾ÝÖÐÐÄÌᳫ¹¥»÷Ô˶¯


¿¨°Í˹»ùʵÑéÊÒ·¢Ã÷Ò»¸öÕë¶ÔÖÐÑǹú¼ÒÊý¾ÝÖÐÐĵĹ¥»÷Ô˶¯£¬¸ÃÔ˶¯×Ô2017ÄêÇï¼¾ÒÔÀ´Ò»Ö±»îÔ¾£¬Ñо¿Ö°Ô±ÒÔΪ¹¥»÷ÕßÊÇ·¸·¨ÍÅ»ïLuckyMouse£¨Ò²±»³ÆΪAPT27£©¡£³õʼ¹¥»÷ÏòÁ¿Éв»ÇåÎú£¬µ«¹¥»÷ÕßʹÓÃľÂíHyperBro×÷ΪÆä×îÖս׶εÄRAT¹¤¾ß£¬²¢¿ÉÄÜʹÓÃÕâЩÕþ¸®ÍøÕ¾×ÊÔ´Ìᳫˮ¿Ó¹¥»÷¡£Ñо¿Ö°Ô±Åû¶Á˸ù¥»÷Ô˶¯Ïà¹ØµÄIoC¡£


Ô­ÎÄÁ´½Ó£ºhttps://securelist.com/luckymouse-hits-national-data-center/86083/




¡¾Îó²î²¹¶¡¡¿Î¢ÈíÐû²¼6ÔµÄÇå¾²¸üУ¬¹²ÐÞ¸´50¸öÇå¾²Îó²î


±¾Öܶþ΢ÈíÐû²¼2018Äê6ÔµÄÇå¾²¸üУ¬¹²ÐÞ¸´ÁË50¸öÇå¾²Îó²î£¬ÊÜÓ°ÏìµÄ²úÆ·°üÀ¨Windowsϵͳ¡¢IE¡¢Edge¡¢JSÒýÇæChakraCore¡¢OfficeºÍWeb Apps¡£±¾´Î²¹¶¡°üÖв»°üÀ¨ÈκÎWindows 0day£¬µ«Î¢ÈíÐÞ¸´ÁËÉÏÖÜÅû¶µÄÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2018-8267£©¡£ÏêϸÎó²îÁбíÇë²Î¿¼ÒÔÏÂÁ´½Ó¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/microsoft/microsoft-june-2018-patch-tuesday-fixes-50-security-issues/




¡¾Îó²î²¹¶¡¡¿Ñо¿Ö°Ô±·¢Ã÷CortanaÌáȨÎó²î¿ÉÔÊÐí¹¥»÷Õß»á¼ûËø¶¨µÄµçÄÔ


McAfeeÇå¾²Ñо¿Ö°Ô±Cedric Cochin·¢Ã÷΢ÈíµÄCortanaÖÇÄÜÖúÊÖ±£´æÒ»¸öÇå¾²Îó²î£¬¸ÃÌáȨÎó²î£¨CVE-2018-8140£©¿ÉÔÊÐí¹¥»÷Õß»á¼ûËø¶¨µÄÅÌËã»úÒÔʹÓÃCortanaºÍ»á¼ûÉè±¹ØÁ¬ÄÊý¾Ý¡¢Ö´ÐжñÒâ´úÂëÉõÖÁÐÞ¸ÄÃÜÂëÒÔÍêÈ«½ÓÊÜ×°±¸¡£½¨ÒéÓû§¾¡¿ì¸üÐÂÖÁ×îа汾µÄWindows£¬»òÕßÔÚËø¶¨ÆÁĻʱ½ûÓÃCortana¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/cortana-hack-lets-you-change-passwords-on-locked-pcs/




¡¾¶ñÒâÈí¼þ¡¿Ñо¿ÍŶӷ¢Ã÷ͨ¹ýNSA EternalRomanceÎó²îʹÓÃÈö²¥µÄ¶ñÒâÈí¼þPyRoMineIoT


FortinetÑо¿ÍŶӷ¢Ã÷ʹÓÃÓëNSAÓйصÄEternalRomanceÎó²îʹÓþÙÐÐÈö²¥µÄ¶ñÒâÍÚ¿óÈí¼þPyRoMineIoT£¬PyRoMineIoTÊÇPyRoMineµÄÒ»¸öбäÖÖ£¬ÆäʹÓÃÊÜѬȾµÄ×°±¸À´É¨ÃèÒ×Êܹ¥»÷µÄIoT×°±¸£¬Ö÷ÒªÕë¶ÔÒÁÀʺÍɳÌØ°¢À­²®¡£PyRoMineIoTÒÀȻʹÓÃÁËIPµØµã212.83.190.122£¬Æä»áÔÚÊÜѬȾµÄ×°±¸ÉÏÊÔͼɾ³ýÆäËüPyRoMine±äÖÖ¡£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/73472/malware/pyromineiot-iot-miner.html