¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20180719

°ä²¼¹¦·ò 2018-07-19

¡¾¹¥»÷ÊÂÎñ¡¿ÃÀѪҺ¼ì²â³¢ÊÔÊÒLabCorpÔâºÚ¿ÍÈëÇÖ£¬£¬£¬£¬£¬£¬Êý°ÙÍòÓû§ÒÉÊÜÓ°Ïì


±¾ÖÜÒ»ÃÀ¹ú×î´óµÄѪҺ¼ì²â³¢ÊÔÊÒLabCorp°ä·¢ÆäÔÚÖÜÄ©ÆÚ¼äÔâµ½ºÚ¿ÍÈëÇÖ¡£¡£¡£ ¡£¡£LabCorp¹Ø¹ØÁ˲¿ÃÅϵͳÒÔ½ÚÔì¸ÃÈëÇֻ£¬£¬£¬£¬£¬£¬Ä¿Ç°¸÷ϵͳְÄÜÔÚ¸´Ô­ÖС£¡£¡£ ¡£¡£¸Ã¹«Ë¾°µÊ¾Ã»ÓÐÖ¤¾ÝÅú×¢²úÉúÁ˶ÔÊý¾ÝµÄδÊÚȨ½Ó¼û£¬£¬£¬£¬£¬£¬µ«Ã»ÓÐÅû¶¸ü¶àÓйØÏ¸½Ú¡£¡£¡£ ¡£¡£Óйص±¾ÖÔÚ½øÐе÷²éÖ®ÖС£¡£¡£ ¡£¡£LabCorpÔÚÈ«ÇòÕ¼Óнü6ÍòÃûÔ±¹¤£¬£¬£¬£¬£¬£¬ÆäÿÖܲâÊԵϼÕßÑù±¾³¬¹ý250Íò¸ö£¬£¬£¬£¬£¬£¬Òò¶øÊý¾Ýй¶µÄDZÔÚºó¹û¿ÉÄÜÊǾ޴óµÄ£¬£¬£¬£¬£¬£¬Êý°ÙÍòÓû§µÄÃô¸ÐÐÅÏ¢¿ÉÄÜÃæ¶Ô·çÏÕ¡£¡£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/hackers-breach-network-of-labcorp-us-biggest-blood-testing-laboratories/


¡¾Êý¾Ýй¶¡¿ÐÂÎ÷À¼ProCare Health±»Ö¸·¸·¨ÍøÂçÔ¼80Íò²¡»¼µÄÒ½ÁƼͼ


¾ÝÐÂÎ÷À¼ÏÈÇý±¨±¨Â·£¬£¬£¬£¬£¬£¬ËļÒÒ½Áƹ«Ë¾ÖÒ¸æ³ÆÐÂÎ÷À¼ProCare Health¹«Ë¾ÔÚδ¾­Óû§Ô޳ɵÄÇé¿öÏÂÍøÂçÁËÔ¼80Íò²¡»¼µÄÒ½ÁƼͼ£¬£¬£¬£¬£¬£¬Ô̺¬²¡»¼µÄÐÕÃû¡¢µØÖ·¡¢²ÆÕþÐÅÏ¢¡¢ÁÙ´²Êý¾ÝÒÔ¼°ÓÃÒ©¼Í¼µÈÐÅÏ¢¡£¡£¡£ ¡£¡£ÕâËļҹ«Ë¾±ðÀëÊÇHealthLink¡¢Medtech Global¡¢myPracticeºÍBest Practice Software New Zealand¡£¡£¡£ ¡£¡£ProCare HealthµÄÕâÒ»ÐÐΪ¿ÉÄÜÎ¥·´ÁËÐÂÎ÷À¼½¡È«ÐÅÏ¢ÒþÖÔ·¨¡£¡£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://threatpost.com/800k-patient-records-at-issue-in-procare-health-snafu/134071/


¡¾Êý¾Ýй¶¡¿Robocall¹«Ë¾Ð¹Â¶ÊýÊ®ÍòÃÀ¹úÑ¡ÃñµÄÓ×ÎÒÐÅÏ¢


Kromtech SecurityµÄ×êÑÐÈËÔ±Bob Diachenko·¢ÏÖRobocall¹«Ë¾µÄÒ»¸öAmazon S3¿É¹«¿ª½Ó¼û£¬£¬£¬£¬£¬£¬ÊýÊ®ÍòÃÀ¹úÑ¡ÃñµÄÓ×ÎÒÐÅÏ¢¿ÉÄÜй¶£¬£¬£¬£¬£¬£¬Ô̺¬Óû§µÄÐÕÃû¡¢ÐԱ𡢵®ÉúÈÕÆÚ¡¢µç»°ºÅÂë¡¢µØÖ·¡¢ÕþÖβ¼¾°¡¢Í¶Æ±º¹ÇàºÍÈ˶¡Í³¼ÆÊý¾ÝµÈÐÅÏ¢¡£¡£¡£ ¡£¡£¸Ã¹«Ë¾ÔÚ½Óµ½»ã±¨ºóÒѽ¨¸´¸ÃÎÊÌâ¡£¡£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/robocall-firm-exposes-hundreds-of-thousands-of-us-voters-records/


¡¾·ì϶²¹¶¡¡¿Oracle°ä²¼2018Äê7Ô°²È«¸üУ¬£¬£¬£¬£¬£¬¹²½¨¸´334¸ö°²È«·ì϶


Oracle°ä²¼2018Äê7ÔµijÁÒª²¹¶¡¸üУ¨CPU£©£¬£¬£¬£¬£¬£¬º­¸ÇÁ˶à¸öOracleÆóÒµ²úÆ·¡£¡£¡£ ¡£¡£¸ÃCPU¹²½¨¸´ÁË334¸ö°²È«·ì϶£¨ÆäÖÐÔ̺¬61¸ö¸ßΣ·ì϶£©£¬£¬£¬£¬£¬£¬ÕâÒ»Êý×ÖÍ»ÆÆÁË2017Äê7ÔÂ308¸ö·ì϶µÄ¼Í¼£¬£¬£¬£¬£¬£¬´´º¹Çàиß¡£¡£¡£ ¡£¡£OracleµÄ½ðÈÚ·þÎñÀûÓ÷¨Ê½Öн¨¸´µÄ·ì϶×î¶à£¨56¸ö£©£¬£¬£¬£¬£¬£¬Æä´ÎÊÇFusion Middleware£¨44¸ö£©ÒÔ¼°ÁãÊÛÀûÓ÷¨Ê½£¨31¸ö£©ºÍMySQLÊý¾Ý¿â£¨31¸ö£©¡£¡£¡£ ¡£¡£Æ¾¾ÝERPScanµÄ·ÖÎö£¬£¬£¬£¬£¬£¬Ô¼65%µÄ·ì϶¿É±»Î´¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷ÕßÀûÓᣡ£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html


¡¾Íþвµý±¨¡¿×êÑÐÈËÔ±·¢ÏÖÖØÒªÕë¶ÔÎÚ¿ËÀ¼µ±¾Ö»ú¹¹µÄÍøÂç¼äµý»î¶¯


ESET°²È«×êÑÐÈËÔ±·¢ÏÖÖØÒªÕë¶ÔÎÚ¿ËÀ¼µ±¾Ö»ú¹¹µÄ³ÖÐøÍøÂç¼äµý»î¶¯£¬£¬£¬£¬£¬£¬¹¥»÷Õßͨ¹ýÍøÂç´¹µöÓʼþ·Ö·¢ÈýÖÖ·ÖÆçµÄRAT£¬£¬£¬£¬£¬£¬Ô̺¬Quasar RAT¡¢Sobaken RATºÍVermin RAT¡£¡£¡£ ¡£¡£ÕâÈýÖÖRAT±»ÓÃÓÚÕë¶Ô·ÖÆçµÄÖ¸±ê£¬£¬£¬£¬£¬£¬µ«ËüÃǹ²ÏíһЩ»ù´¡ÉèÊ©£¬£¬£¬£¬£¬£¬²¢ÇÒÏνӵ½Ò»ÑùµÄC&C·þÎñÆ÷¡£¡£¡£ ¡£¡£¸Ã¹¥»÷»î¶¯×îÔçÄܹ»×·ÒäÖÁ2015Äê10Ô£¬£¬£¬£¬£¬£¬×êÑÐÈËÔ±Ôڻ㱨ÖÐÅû¶ÁËÓйصÄIoC¡£¡£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/74527/malware/vermin-rat-ukraine.html


¡¾Íþвµý±¨¡¿×êÑÐÈËÔ±·¢ÏÖÓÃÓÚ·Ö·¢EmotetºÍTrickbotµÄÀ¬»øÓʼþ»î¶¯


Palo Alto Networks°²È«×êÑÐÈËÔ±·¢ÏÖÓÃÓÚ·Ö·¢ÒøÐжñÒâÈí¼þEmotetºÍTrickbotµÄÀ¬»øÓʼþ»î¶¯¡£¡£¡£ ¡£¡£ÕâÁ½ÖÖ¶ñÒâÈí¼þͨ³£Í¨¹ý·ÖÆçµÄÀ¬»øÓʼþµ¥¶À½øÐзַ¢£¬£¬£¬£¬£¬£¬µ«ÕâÖÖEmotet+TrickbotµÄ×éºÏʹµÃÈκÎÒ×Êܹ¥»÷µÄWindowsÖ÷»úµÄΣÏÕ¼Ó±¶¡£¡£¡£ ¡£¡£¸Ã¹¥»÷»î¶¯ÆðÍ·ÓÚ2018Äê6ÔÂ11ÈÕ£¬£¬£¬£¬£¬£¬À¬»øÓʼþµÄÖ÷ÌâÊÇÃÀ¹ú¹ú˰¾ÖÒÔ¼°¶ÀÁ¢Èյȡ£¡£¡£ ¡£¡£×êÑÐÈËÔ±Åû¶Á˸ûµÄ¾ßÌåIoC¡£¡£¡£ ¡£¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://researchcenter.paloaltonetworks.com/2018/07/unit42-malware-team-malspam-pushing-emotet-trickbot/