¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181009
°ä²¼¹¦·ò 2018-10-09
¡¶¶¨¼û¡·ÝÓÈÆ½øÒ»²½ÂäʵµçÁ¦ÆóÒµÍøÂ簲ȫÖ÷ÌåÔðÈΣ¬£¬£¬£¬£¬£¬£¬ÃÀÂúÍøÂ簲ȫ¼à¶½ÖÎÀíÌåÔì»úÔ죬£¬£¬£¬£¬£¬£¬¼Óǿȫ·½Î»ÍøÂ簲ȫÖÎÀí£¬£¬£¬£¬£¬£¬£¬Ç¿»¯¹Ø¼üÐÅÏ¢»ù´¡ÉèÊ©°²È«±£»£»£»£»£»£»£»¤£¬£¬£¬£¬£¬£¬£¬¼ÓÇ¿ÐÐÒµÍøÂ簲ȫ»ù´¡ÉèÊ©½¨É裬£¬£¬£¬£¬£¬£¬¼ÓÇ¿µçÁ¦ÆóÒµÊý¾Ý°²È«±£»£»£»£»£»£»£»¤£¬£¬£¬£¬£¬£¬£¬Ìá¸ßÍøÂç°²È«Ì¬ÊÆ¸ÐÖª¡¢Ô¤¾¯¼°Ó¦¼±´ëÖÃÄÜÁ¦£¬£¬£¬£¬£¬£¬£¬Ö§³ÖÍøÂ簲ȫ×ÔÖ÷´´ÐÂÓ밲ȫ¿É¿Ø£»£»£»£»£»£»£»»ý¼«Íƶ¯µçÁ¦ÐÐÒµÍøÂ簲ȫ²úÒµ½¡È«·¢Õ¹£¬£¬£¬£¬£¬£¬£¬Íƶ¯ÍøÂ簲ȫ¾üÃñÈÚºÏÉî¶È·¢Õ¹£¬£¬£¬£¬£¬£¬£¬¼ÓÇ¿ÍøÂ簲ȫÈ˲ÅÐÐÁн¨É裬£¬£¬£¬£¬£¬£¬ÍØÕ¹ÍøÂ簲ȫ¹ú¼ÊºÏ×÷µÈ12·½ÃæÌá³ö30Ìõ¾ßÌåÒªÇ󡣡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.ics-cert.org.cn/portal/page/132/0460854682f84a51baf925e95162aabb.html2¡¢ÉæÏÓÒþÂ÷50ÍòÓû§Êý¾Ýй¶£¬£¬£¬£¬£¬£¬£¬¹È¸è½«¹Ø¹ØÉç½»ÍøÂçGoogle+
ƾ¾Ý¹È¸èµÄ»ã±¨£¬£¬£¬£¬£¬£¬£¬Google+µÄPeople APIÖдæÔÚÒ»¸ö°²È«·ì϶£¬£¬£¬£¬£¬£¬£¬¿ÉÔÊÐíµÚÈý·½¿ª·¢Õß½Ó¼û³¬¹ý50ÍòÓû§µÄÊý¾Ý£¬£¬£¬£¬£¬£¬£¬Ô̺¬Óû§Ãû¡¢µç×ÓÓʼþµØÖ·¡¢Ö°Òµ¡¢µ®ÉúÈÕÆÚ¡¢Ó×ÎÒ×ÊÁÏÕÕÆ¬ÒÔ¼°ÐÔ±ðµÈÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£¡£¹È¸èÔÚ2018Äê3Ô·¢ÏÖ²¢½¨¸´Á˸÷ì϶£¬£¬£¬£¬£¬£¬£¬µ«¸Ã¹«Ë¾Ñ¡Ôñ²»Ïò¹«¼ÒÅû¶´ËÊÂÎñ¡£¡£¡£¡£¡£¡£¡£¡£³ýÁËÈϿɴËÊý¾Ýй¶ÊÂÎñÖ®±í£¬£¬£¬£¬£¬£¬£¬¹È¸è»¹°ä·¢½«¹Ø¹ØGoogle+¡£¡£¡£¡£¡£¡£¡£¡£
https://thehackernews.com/2018/10/google-plus-shutdown.html
3¡¢×êÑÐÍŶÓÔÚMikroTik·ÓÉÆ÷µÄRouterOSÖз¢ÏÖ¶à¸ö°²È«·ì϶
Tenable ResearchÅû¶MikroTik·ÓÉÆ÷µÄRouterOSÖеÄ4¸ö°²È«·ì϶£¬£¬£¬£¬£¬£¬£¬Ô̺¬¿Éµ¼ÖÂÔ¶³Ì´úÂëÖ´Ðеķì϶£¨CVE-2018-1156£©¡¢ÎļþÉÏ´«·ì϶£¨CVE-2018-1157£©¡¢ÄÚ´æ°Ü»µ·ì϶£¨CVE-2018-1159£©ÒÔ¼°²Ö¿âºÄ¾¡·ì϶£¨CVE-2018-1158£©¡£¡£¡£¡£¡£¡£¡£¡£ÆäÖÐÑϳÁÐÔ×î¸ßµÄ·ì϶ÊÇRCE·ì϶£¨CVE-2018-1156£©£¬£¬£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñµÃÆëÈ«µÄϵͳ½Ó¼ûȨÏÞ¡£¡£¡£¡£¡£¡£¡£¡£MikroTikÔÚRouterOS 6.40.9¡¢6.42.7ºÍ6.43Öн¨¸´ÁËÕâЩ·ì϶¡£¡£¡£¡£¡£¡£¡£¡£
https://www.tenable.com/blog/tenable-research-advisory-multiple-vulnerabilities-discovered-in-mikrotiks-routeros
4¡¢ÈüÃÅÌú¿Ë°ä²¼¹ØÓÚAPT28µÄмäµý»î¶¯µÄ·ÖÎö»ã±¨
ÈüÃÅÌú¿Ë°ä²¼¹ØÓÚAPT28µÄ·ÖÎö»ã±¨¡£¡£¡£¡£¡£¡£¡£¡£APT28×Ô2007Äê1ÔÂÒÔÀ´Ò»Ïò»îÔ¾£¬£¬£¬£¬£¬£¬£¬²¢ÔÚ2017ÄêºÍ2018Äê³ÖÐøÆäµý±¨ÍøÂç»î¶¯¡£¡£¡£¡£¡£¡£¡£¡£ÆäÔÚ2017ÄêºÍ2018ÄêµÄ¹¥»÷Ö¸±êÔ̺¬Ò»¸ö³ÛÃûµÄ¹ú¼Ê×éÖ¯¡¢Å·Ö޵ľüÊÂÖ¸±ê¡¢Å·ÖÞÈ·µ±¾Ö»ú¹¹¡¢Ò»¸öÄÏÃÀ¹ú¶ÈÈ·µ±¾Ö»ú¹¹ÒÔ¼°Ò»¸ö¶«Å·¹ú¶ÈµÄ´óʹ¹Ý¡£¡£¡£¡£¡£¡£¡£¡£ÆäʹÓõŤ¾ßÔ̺¬¶ñÒâÈí¼þSofacy¡¢Trojan.ShunnaelÒÔ¼°Trojan.Lojax¡£¡£¡£¡£¡£¡£¡£¡£×êÑÐÍŶӻ¹·¢ÏÖ¸Ã×éÖ¯ÓëÁíÒ»¸ö·¸×ï×éÖ¯Earworm´æÔÚ¹ØÁª¡£¡£¡£¡£¡£¡£¡£¡£
https://www.symantec.com/blogs/election-security/apt28-espionage-military-government
5¡¢ÒÔÉ«Áйú¶È°²È«¾ÖÖÒ¸æÀûÓÃÓïÒôÐÅÏä½Ù³ÖWhatsAppÕË»§µÄй¥»÷
ÒÔÉ«Áйú¶ÈÍøÂ簲ȫ¾Ö£¨INCSA£©°ä²¼¹ØÓÚͨ¹ýÓïÒôÐÅÏä½Ù³ÖWhatsAppÕË»§¹¥»÷µÄ¾¯±¨¡£¡£¡£¡£¡£¡£¡£¡£¾ÝÒÔÉ«Áе±¾Ö³Æ£¬£¬£¬£¬£¬£¬£¬×î½ü¼¸ÖÜÄÚ´æÔÚ´óÁ¿Ê¹Óøü¼Êõµ¼ÖÂWhatsAppÕË»§±»½Ù³ÖµÄ»ã±¨¡£¡£¡£¡£¡£¡£¡£¡£Í¨¹ýÓïÒôÐÅÏäÀ´½Ù³ÖWhatsAppÕË»§ÊÇÒ»ÖÖÏà¶Ô½ÏÐµĹ¥»÷²½Ö裬£¬£¬£¬£¬£¬£¬¸Ã²½Öè²»±ØÒªÈκθ߼¶¼¼Êõ»òÉ豸¡£¡£¡£¡£¡£¡£¡£¡£ÒÔÉ«Áе±¾Ö½¨ÒéÓû§ÔÚÓïÒôÐÅÏäÖÐʹÓÃÇ¿ÃÜÂë½øÐб£»£»£»£»£»£»£»¤£¬£¬£¬£¬£¬£¬£¬»òÕ߯ôÓÃWhatsAppÕÊ»§µÄÁ½²½ÑéÖ¤Õ½Êõ¡£¡£¡£¡£¡£¡£¡£¡£
https://www.zdnet.com/article/recent-wave-of-hijacked-whatsapp-accounts-traced-back-to-voicemail-hacking/
6¡¢¼ÓÖݽ«´Ó2020ÄêÆðÍ·½ûÓÃadminºÍpasswordµÈÈõÃÜÂë
´Ó2020ÄêÆðÍ·£¬£¬£¬£¬£¬£¬£¬³§ÉÌÔÚ¼ÓÀû¸£ÄáÑÇÖÝʹÓÃadminºÍpasswordµÈÈõĬÈÏÃÜÂ뽫ÊÇÎ¥·¨µÄ¡£¡£¡£¡£¡£¡£¡£¡£¸ÃÖÝÒÑͨ¹ýÒ»Ïî˾·¨£¨ÎïÁªÍøÒþÖÔ±£»£»£»£»£»£»£»¤·¨°¸£©£¬£¬£¬£¬£¬£¬£¬Ö¼ÔÚΪ¸ÃµØÓòÔì×÷»òÏúÊÛµÄÎïÁªÍøÉ豸É趨¸ü¸ßµÄ°²È«³ß¶È¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·¨°¸ÒªÇóÔÚÔì×÷ʱΪÿһ̨É豸ÌṩΨһµÄÃÜÂë¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·¨°¸»¹ÔÊÐíÔâ·êËðʧµÄÊܺ¦Õ߸æ×´ºöÊӸ÷¨°¸µÄ¹«Ë¾ÒÔ»ñµÃÅâ³¥¡£¡£¡£¡£¡£¡£¡£¡£
https://www.bbc.co.uk/news/amp/technology-45757528
ÉêÃ÷£º±¾×ÊѶÓÉ8827Ì«Ñô¼¯ÍÅάËûÃü°²È«Ó××é·ÒëºÍÕû¶Ù


¾©¹«Íø°²±¸11010802024551ºÅ