¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181009

°ä²¼¹¦·ò 2018-10-09
1¡¢¹ú¶ÈÄÜÔ´¾ÖÓ¡·¢¡¶¹ØÓÚ¼ÓÇ¿µçÁ¦ÐÐÒµÍøÂ簲ȫ¹¤×÷µÄÁìµ¼¶¨¼û¡·

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

¡¶¶¨¼û¡·ÝÓÈÆ½øÒ»²½ÂäʵµçÁ¦ÆóÒµÍøÂ簲ȫÖ÷ÌåÔðÈΣ¬£¬£¬£¬ £¬£¬£¬ÃÀÂúÍøÂ簲ȫ¼à¶½ÖÎÀíÌåÔì»úÔ죬£¬£¬£¬ £¬£¬£¬¼Óǿȫ·½Î»ÍøÂ簲ȫÖÎÀí£¬£¬£¬£¬ £¬£¬£¬Ç¿»¯¹Ø¼üÐÅÏ¢»ù´¡ÉèÊ©°²È«±£»£»£»£»£» £»£»¤£¬£¬£¬£¬ £¬£¬£¬¼ÓÇ¿ÐÐÒµÍøÂ簲ȫ»ù´¡ÉèÊ©½¨É裬£¬£¬£¬ £¬£¬£¬¼ÓÇ¿µçÁ¦ÆóÒµÊý¾Ý°²È«±£»£»£»£»£» £»£»¤£¬£¬£¬£¬ £¬£¬£¬Ìá¸ßÍøÂç°²È«Ì¬ÊÆ¸ÐÖª¡¢Ô¤¾¯¼°Ó¦¼±´ëÖÃÄÜÁ¦£¬£¬£¬£¬ £¬£¬£¬Ö§³ÖÍøÂ簲ȫ×ÔÖ÷´´ÐÂÓ밲ȫ¿É¿Ø£»£»£»£»£» £»£»»ý¼«Íƶ¯µçÁ¦ÐÐÒµÍøÂ簲ȫ²úÒµ½¡È«·¢Õ¹£¬£¬£¬£¬ £¬£¬£¬Íƶ¯ÍøÂ簲ȫ¾üÃñÈÚºÏÉî¶È·¢Õ¹£¬£¬£¬£¬ £¬£¬£¬¼ÓÇ¿ÍøÂ簲ȫÈ˲ÅÐÐÁн¨É裬£¬£¬£¬ £¬£¬£¬ÍØÕ¹ÍøÂ簲ȫ¹ú¼ÊºÏ×÷µÈ12·½ÃæÌá³ö30Ìõ¾ßÌåÒªÇ󡣡£¡£¡£¡£¡£¡£¡£

  

 Ô­ÎÄÁ´½Ó£º

https://www.ics-cert.org.cn/portal/page/132/0460854682f84a51baf925e95162aabb.html


2¡¢ÉæÏÓÒþÂ÷50ÍòÓû§Êý¾Ýй¶£¬£¬£¬£¬ £¬£¬£¬¹È¸è½«¹Ø¹ØÉç½»ÍøÂçGoogle+


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

ƾ¾Ý¹È¸èµÄ»ã±¨£¬£¬£¬£¬ £¬£¬£¬Google+µÄPeople APIÖдæÔÚÒ»¸ö°²È«·ì϶£¬£¬£¬£¬ £¬£¬£¬¿ÉÔÊÐíµÚÈý·½¿ª·¢Õß½Ó¼û³¬¹ý50ÍòÓû§µÄÊý¾Ý£¬£¬£¬£¬ £¬£¬£¬Ô̺¬Óû§Ãû¡¢µç×ÓÓʼþµØÖ·¡¢Ö°Òµ¡¢µ®ÉúÈÕÆÚ¡¢Ó×ÎÒ×ÊÁÏÕÕÆ¬ÒÔ¼°ÐÔ±ðµÈÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£¡£¹È¸èÔÚ2018Äê3Ô·¢ÏÖ²¢½¨¸´Á˸÷ì϶£¬£¬£¬£¬ £¬£¬£¬µ«¸Ã¹«Ë¾Ñ¡Ôñ²»Ïò¹«¼ÒÅû¶´ËÊÂÎñ¡£¡£¡£¡£¡£¡£¡£¡£³ýÁËÈϿɴËÊý¾Ýй¶ÊÂÎñÖ®±í£¬£¬£¬£¬ £¬£¬£¬¹È¸è»¹°ä·¢½«¹Ø¹ØGoogle+¡£¡£¡£¡£¡£¡£¡£¡£


  Ô­ÎÄÁ´½Ó£º
https://thehackernews.com/2018/10/google-plus-shutdown.html


3¡¢×êÑÐÍŶÓÔÚMikroTik·ÓÉÆ÷µÄRouterOSÖз¢ÏÖ¶à¸ö°²È«·ì϶

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

Tenable ResearchÅû¶MikroTik·ÓÉÆ÷µÄRouterOSÖеÄ4¸ö°²È«·ì϶£¬£¬£¬£¬ £¬£¬£¬Ô̺¬¿Éµ¼ÖÂÔ¶³Ì´úÂëÖ´Ðеķì϶£¨CVE-2018-1156£©¡¢ÎļþÉÏ´«·ì϶£¨CVE-2018-1157£©¡¢ÄÚ´æ°Ü»µ·ì϶£¨CVE-2018-1159£©ÒÔ¼°²Ö¿âºÄ¾¡·ì϶£¨CVE-2018-1158£©¡£¡£¡£¡£¡£¡£¡£¡£ÆäÖÐÑϳÁÐÔ×î¸ßµÄ·ì϶ÊÇRCE·ì϶£¨CVE-2018-1156£©£¬£¬£¬£¬ £¬£¬£¬¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñµÃÆëÈ«µÄϵͳ½Ó¼ûȨÏÞ¡£¡£¡£¡£¡£¡£¡£¡£MikroTikÔÚRouterOS 6.40.9¡¢6.42.7ºÍ6.43Öн¨¸´ÁËÕâЩ·ì϶¡£¡£¡£¡£¡£¡£¡£¡£


  Ô­ÎÄÁ´½Ó£º
https://www.tenable.com/blog/tenable-research-advisory-multiple-vulnerabilities-discovered-in-mikrotiks-routeros


4¡¢ÈüÃÅÌú¿Ë°ä²¼¹ØÓÚAPT28µÄмäµý»î¶¯µÄ·ÖÎö»ã±¨

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

ÈüÃÅÌú¿Ë°ä²¼¹ØÓÚAPT28µÄ·ÖÎö»ã±¨¡£¡£¡£¡£¡£¡£¡£¡£APT28×Ô2007Äê1ÔÂÒÔÀ´Ò»Ïò»îÔ¾£¬£¬£¬£¬ £¬£¬£¬²¢ÔÚ2017ÄêºÍ2018Äê³ÖÐøÆäµý±¨ÍøÂç»î¶¯¡£¡£¡£¡£¡£¡£¡£¡£ÆäÔÚ2017ÄêºÍ2018ÄêµÄ¹¥»÷Ö¸±êÔ̺¬Ò»¸ö³ÛÃûµÄ¹ú¼Ê×éÖ¯¡¢Å·Ö޵ľüÊÂÖ¸±ê¡¢Å·ÖÞÈ·µ±¾Ö»ú¹¹¡¢Ò»¸öÄÏÃÀ¹ú¶ÈÈ·µ±¾Ö»ú¹¹ÒÔ¼°Ò»¸ö¶«Å·¹ú¶ÈµÄ´óʹ¹Ý¡£¡£¡£¡£¡£¡£¡£¡£ÆäʹÓõŤ¾ßÔ̺¬¶ñÒâÈí¼þSofacy¡¢Trojan.ShunnaelÒÔ¼°Trojan.Lojax¡£¡£¡£¡£¡£¡£¡£¡£×êÑÐÍŶӻ¹·¢ÏÖ¸Ã×éÖ¯ÓëÁíÒ»¸ö·¸×ï×éÖ¯Earworm´æÔÚ¹ØÁª¡£¡£¡£¡£¡£¡£¡£¡£


  Ô­ÎÄÁ´½Ó£º
https://www.symantec.com/blogs/election-security/apt28-espionage-military-government


5¡¢ÒÔÉ«Áйú¶È°²È«¾ÖÖÒ¸æÀûÓÃÓïÒôÐÅÏä½Ù³ÖWhatsAppÕË»§µÄй¥»÷

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

ÒÔÉ«Áйú¶ÈÍøÂ簲ȫ¾Ö£¨INCSA£©°ä²¼¹ØÓÚͨ¹ýÓïÒôÐÅÏä½Ù³ÖWhatsAppÕË»§¹¥»÷µÄ¾¯±¨¡£¡£¡£¡£¡£¡£¡£¡£¾ÝÒÔÉ«Áе±¾Ö³Æ£¬£¬£¬£¬ £¬£¬£¬×î½ü¼¸ÖÜÄÚ´æÔÚ´óÁ¿Ê¹Óøü¼Êõµ¼ÖÂWhatsAppÕË»§±»½Ù³ÖµÄ»ã±¨¡£¡£¡£¡£¡£¡£¡£¡£Í¨¹ýÓïÒôÐÅÏäÀ´½Ù³ÖWhatsAppÕË»§ÊÇÒ»ÖÖÏà¶Ô½ÏÐµĹ¥»÷²½Ö裬£¬£¬£¬ £¬£¬£¬¸Ã²½Öè²»±ØÒªÈκθ߼¶¼¼Êõ»òÉ豸¡£¡£¡£¡£¡£¡£¡£¡£ÒÔÉ«Áе±¾Ö½¨ÒéÓû§ÔÚÓïÒôÐÅÏäÖÐʹÓÃÇ¿ÃÜÂë½øÐб£»£»£»£»£» £»£»¤£¬£¬£¬£¬ £¬£¬£¬»òÕ߯ôÓÃWhatsAppÕÊ»§µÄÁ½²½ÑéÖ¤Õ½Êõ¡£¡£¡£¡£¡£¡£¡£¡£


  Ô­ÎÄÁ´½Ó£º
https://www.zdnet.com/article/recent-wave-of-hijacked-whatsapp-accounts-traced-back-to-voicemail-hacking/


6¡¢¼ÓÖݽ«´Ó2020ÄêÆðÍ·½ûÓÃadminºÍpasswordµÈÈõÃÜÂë

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website

´Ó2020ÄêÆðÍ·£¬£¬£¬£¬ £¬£¬£¬³§ÉÌÔÚ¼ÓÀû¸£ÄáÑÇÖÝʹÓÃadminºÍpasswordµÈÈõĬÈÏÃÜÂ뽫ÊÇÎ¥·¨µÄ¡£¡£¡£¡£¡£¡£¡£¡£¸ÃÖÝÒÑͨ¹ýÒ»Ïî˾·¨£¨ÎïÁªÍøÒþÖÔ±£»£»£»£»£» £»£»¤·¨°¸£©£¬£¬£¬£¬ £¬£¬£¬Ö¼ÔÚΪ¸ÃµØÓòÔì×÷»òÏúÊÛµÄÎïÁªÍøÉ豸É趨¸ü¸ßµÄ°²È«³ß¶È¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·¨°¸ÒªÇóÔÚÔì×÷ʱΪÿһ̨É豸ÌṩΨһµÄÃÜÂë¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·¨°¸»¹ÔÊÐíÔâ·êËðʧµÄÊܺ¦Õ߸æ×´ºöÊӸ÷¨°¸µÄ¹«Ë¾ÒÔ»ñµÃÅâ³¥¡£¡£¡£¡£¡£¡£¡£¡£


  Ô­ÎÄÁ´½Ó£º
https://www.bbc.co.uk/news/amp/technology-45757528


ÉêÃ÷£º±¾×ÊѶÓÉ8827Ì«Ñô¼¯ÍÅάËûÃü°²È«Ó××é·­ÒëºÍÕû¶Ù