¡¶Î¬ËûÃü¡·ÖðÈÕÇå¾²¼òѶ20180827

Ðû²¼Ê±¼ä 2018-08-27

¡¾Êý¾Ýй¶¡¿°®¶ûÀ¼µçÐŹ«Ë¾EirµÄһ̨Ìõ¼Ç±¾±»µÁ£¬µ¼ÖÂÔ¼3.7ÍòÓû§µÄÐÅϢй¶


ƾ֤°®¶ûÀ¼µçÐŹ«Ë¾Eir¹ÙÍøÉϵÄ֪ͨ£¬¸Ã¹«Ë¾µÄһ̨°üÀ¨Óû§Êý¾ÝµÄδ¼ÓÃܵÄÌõ¼Ç±¾µçÄÔÔâÇÔ£¬µ¼ÖÂÔ¼3.7ÍòÓû§µÄСÎÒ˽¼ÒÐÅϢй¶¡£Ð¹Â¶µÄÊý¾Ý°üÀ¨ÐÕÃû¡¢µç×ÓÓʼþµØµã¡¢µç»°ºÅÂëºÍeirÕ˺Å¡£¸Ã¹«Ë¾³Æ鶵ÄÊý¾Ý²»°üÀ¨ÈκÎÓû§µÄ²ÆÎñÊý¾Ý¡£ÏÖÔڸù«Ë¾ÒÑÏòÊý¾Ý±£»¤×¨Ô±ºÍ°®¶ûÀ¼¾¯Ô±×ª´ïÁË´Ë´ÎÊÂÎñ¡£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/75655/data-breach/eir-data-breach.html


¡¾ÍþвÇ鱨¡¿Ñо¿ÍŶӳÆÈýÐÇ¡¢»ªÎªµÈ11¼Ò³§É̵ÄAndroidÊÖ»úÒ×ÊÜATÏÂÁî¹¥»÷


Çå¾²Ñо¿ÍŶӷ¢Ã÷11¸öÊÖ»ú³§É̵ÄAndroidÖÇÄÜÊÖ»úÒ×ÊÜATÏÂÁîµÄ¹¥»÷£¬°üÀ¨»ªË¶¡¢Google¡¢HTC¡¢»ªÎª¡¢åÚÏë¡¢LG¡¢Ä¦ÍÐÂÞÀ­¡¢ÈýÐÇ¡¢Ë÷Äá¡¢ÖÐÐ˺ÍLineageOS¡£¸ÃÑо¿ÍŶÓÆÊÎöÁËÕâ11¼Ò³§É̵Ä2000¶à¸öAndroid¹Ì¼þ¾µÏñ£¬·¢Ã÷ÕâЩװ±¸Ö§³ÖÁè¼Ý3500ÖÖ²î±ðÀàÐ͵ÄATÏÂÁÆäÖÐһЩÏÂÁî¿ÉÒÔ»á¼ûºÜÊÇΣÏյĹ¦Ð§¡£ÕâЩÏÂÁî¿ÉÒÔͨ¹ýUSB¶Ë¿Ú»á¼û¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/smartphones-from-11-oems-vulnerable-to-attacks-via-hidden-at-commands/


¡¾ÍþвÇ鱨¡¿GoogleÑо¿Ö°Ô±³Æ±¤ÀÝÖ®Ò¹µÄAndroid appÒ×ÊÜMitD¹¥»÷


GoogleÇå¾²Ñо¿Ö°Ô±·¢Ã÷ºÜÊÇÊܽӴýµÄÓÎÏ·±¤ÀÝÖ®Ò¹µÄAndroid°æÒ×ÊÜMitD¹¥»÷¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÒÑ×°ÖÃÔÚÓû§ÊÖ»úÉϵĵÍȨÏÞ¶ñÒâappЮÖƱ¤ÀÝÖ®Ò¹appµÄ×°ÖÃÀú³Ì²¢×°ÖþßÓиü¸ßȨÏÞ¼¶±ðµÄÆäËü¶ñÒâÓ¦Óá£Ñо¿Ö°Ô±»¹·ÖÏíÁËÒ»¸ö¹¥»÷Àú³ÌµÄÑÝʾÊÓƵ¡£±¤ÀÝÖ®Ò¹µÄ¿ª·¢ÉÌEpic GamesÐû²¼ÁËа汾2.1.0ÒÔÐÞ¸´´ËÎÊÌâ¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/fortnite-android-app-vulnerable-to-man-in-the-disk-attacks/


¡¾ÍþвÇ鱨¡¿Ñо¿ÍŶӷ¢Ã÷Ö÷ÒªÕë¶ÔÈÕ±¾µÄ´ó¹æÄ£À¬»øÓʼþÔ˶¯


Ç÷ÊƿƼ¼Ñо¿ÍŶӷ¢Ã÷Ö÷ÒªÕë¶ÔÈÕ±¾µÄ´ó¹æÄ£À¬»øÓʼþÔ˶¯¡£¸ÃÀ¬»øÓʼþÔ˶¯Óɽ©Ê¬ÍøÂçCutwail·Ö·¢£¬Ê¹Óû¥ÁªÍøÅÌÎÊÎļþIQYÈö²¥¶ñÒâÈí¼þBEBLOHºÍURSNIF¡£Ñо¿ÍŶÓÔÚ2018Äê8ÔÂ6ÈÕ¼ì²âµ½¸ÃÔ˶¯£¬¸ÃÔ˶¯¿¢ÊÂÓÚ8ÔÂ9ÈÕ£¬¹²·Ö·¢ÁËÔ¼50Íò·âÀ¬»øÓʼþ¡£ÈôÊǼì²âµ½·ÇÈÕ±¾µÄIPµØµã£¬Ôò²»»áÏÂÔضñÒâµÄÓÐÓúÉÔØ¡£ÆäÓÐÓúÉÔØBEBLOHÊÇÒ»¸öÒøÐÐľÂí£¬¶øURSNIFÔòÊÇÒ»¸öÖøÃûµÄÓÃÓÚÇÔÊØÐÅÏ¢µÄ¶ñÒâÈí¼þ¡£


Ô­ÎÄÁ´½Ó£ºhttps://blog.trendmicro.com/trendlabs-security-intelligence/iqy-and-powershell-abused-by-spam-campaign-to-infect-users-in-japan-with-bebloh-and-ursnif/


¡¾ÍþвÇ鱨¡¿Ñо¿ÍŶÓÑÝʾͨ¹ýUSB³äµçÏßÈëÇÖÅÌËã»úµÄUSBHarpoon¹¥»÷


Çå¾²Ñо¿ÍŶÓÑÝʾÔõÑùʹÓÃUSB³äµçÏßÈëÇÖÅÌËã»úµÄUSBHarpoon¹¥»÷¡£USBHarpoonʹÓóäµçÏ߶ø²»ÊÇUSBÇý¶¯Æ÷À´Íê³ÉÈëÇÖ£¬ÕâʹÆäÔ½·¢ÒþÄä¡£¸Ã³äµçÏß´øÓÐˢеÄÅþÁ¬Æ÷£¬ÔÊÐíµçÁ÷ºÍÊý¾Ýͨ¹ý£¬´Ë¹¦Ð§Ê¹Æä¿ÉÒÔÅäºÏÈκÎUSB×°±¸¶ø²»»áÒýÆðÏÓÒÉ¡£USBHarpoon¹¥»÷¿ÉÒÔÆô¶¯ÏÂÔغÍÖ´ÐÐÓÐÓúÉÔصÄÏÂÁî¡£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/75644/hacking/usbharpoon-attack.html


¡¾ÍþвÇ鱨¡¿FireEyeÅû¶ÒÉËÆÒÁÀÊÌᳫµÄÕë¶ÔÃÀ¹ú¡¢Ó¢¹úºÍÖж«µÄÐéαÐÂÎÅÍøÂç

FireEye¿ËÈÕ·¢Ã÷ÁËÒ»ÏîËƺõÀ´×ÔÒÁÀʵĿÉÒÉÔ˶¯£¬¸Ã¶ñÒâÔ˶¯Ê¹Óöà¸öÉ罻ýÌåƽ̨ÉϵÄÐéαÐÂÎÅÍøÕ¾ºÍÏà¹ØÕË»§µÄ¼¯ÈºÍøÂ磬Ðû²¼ÇкÏÒÁÀÊÀûÒæµÄÕþÖÎÐÂÎÅ¡£ÆäÕë¶ÔµÄµØÇø°üÀ¨ÃÀ¹ú¡¢Ó¢¹ú¡¢À­¶¡ÃÀÖÞºÍÖж«µØÇø£¬Ðû´«µÄÄÚÈÝ°üÀ¨·´É³ÌØ°¢À­²®¡¢·´ÒÔÉ«ÁкÍÇ×°ÍÀÕ˹̹ÒÔ¼°Ö§³ÖÃÀ¹úÓÐÀûÓÚÒÁÀʵÄÏêϸÕþ²ß£¬ÈçÃÀÒÁºËЭÒ飨JCPOA£©µÈ¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.fireeye.com/blog/threat-research/2018/08/suspected-iranian-influence-operation.html