¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181128
°ä²¼¹¦·ò 2018-11-28
Ò»¸ö¿í·ºÊ¹ÓõÄNodeJSÄ£¿£¿£¿£¿£¿£¿éEvent-Stream±»·¢ÏÖϰȾÁ˶ñÒâ´úÂ룬£¬£¬£¬£¬¿ÉÇÔÈ¡±ÈÌØ±ÒÇ®°üÖеÄ×ʽ𡣡£¡£¡£¡£¡£Event-StreamÊÇÒ»¸öµÚÈý·½¿â£¬£¬£¬£¬£¬ÓÃÓÚ´¦ÖÃNode.jsÁ÷Êý¾Ý£¬£¬£¬£¬£¬ÆäÒ»ÖܵÄÏÂÔØÁ¿¾Í¿¿½ü200Íò´Î¡£¡£¡£¡£¡£¡£¸Ã¶ñÒâ´úÂë´æÔÚÓÚEvent-Stream°æ±¾3.3.6ÖУ¬£¬£¬£¬£¬Ä¿Ç°¸Ã°æ±¾Òѱ»É¾³ý£¬£¬£¬£¬£¬Óû§¿É¸üÐÂÖÁ×îа汾4.0.1¡£¡£¡£¡£¡£¡£ÊÂÎñµÄÆðÒòÊÇEvent-StreamµÄÔ×÷ÕßDominic Tarr½«ÏîÖ÷ÕÅ¿ª·¢ºÍÊØ»¤½»¸øÁËÁíÒ»Ãû×÷Õßright9ctrl£¬£¬£¬£¬£¬µ«right9ctrlËæºó°ä²¼ÁËÔ̺¬¶ñÒâ´úÂëµÄ°æ±¾¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://thehackernews.com/2018/11/nodejs-event-stream-module.html2¡¢×êÑÐÈËÔ±·¢ÏÖÕë¶ÔÒâ´óÀûµÄÐÂÀ¬»øÓʼþ»î¶¯sLoad
CERT-Yoroi·¢ÏÖÒ»¸öÕë¶ÔÒâ´óÀûµÄÐÂÀ¬»øÓʼþ»î¶¯£¬£¬£¬£¬£¬¸Ã»î¶¯ÖØÒª·Ö·¢sLoadµÄбäÖÖ¡£¡£¡£¡£¡£¡£sLoadµÄÖ°ÄÜ׳´ó£¬£¬£¬£¬£¬ËüÄܹ»½ØÈ¡ÆÁÄ»¡¢¶ÁÈ¡¹ý³ÌÁÐ±í¡¢»ñÈ¡DNS»º´æ¡¢ÇÔÈ¡outlookÓʼþÄÚÈݵȡ£¡£¡£¡£¡£¡£¸Ã»î¶¯ÖÐsLoadͨ¹ýÀ¬»øÓʼþÖеÄzip¸½¼þ½øÐзַ¢¡£¡£¡£¡£¡£¡£Ä¿Ç°»¹²»Ã÷ÏԸûÊÇÒ»¸öеķ¸×ïÍÅ»ïËùΪ»¹ÊÇÒÑÖªµÄ·¸×ïÍÅ»ïŤתÁËËüÃǵÄTTP¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/78468/malware/sload-malspam-hit-italy.html3¡¢×êÑÐÍŶӷ¢ÏÖÕë¶ÔÖж«µØÓòµÄ¶ñÒâ»î¶¯DNSpionage
˼¿ÆTalos·¢ÏÖÕë¶ÔÀè°ÍÄۺͰ¢ÁªÇõµ±¾ÖÍøÕ¾ÒÔ¼°Ò»¼ÒÀè°ÍÄÛº½¿Õ¹«Ë¾µÄжñÒâ»î¶¯¡£¡£¡£¡£¡£¡£Æ¾¾ÝTalos¶ÔÆä»ù´¡ÉèÊ©ºÍTTPµÄµ÷²éÁ˾֣¬£¬£¬£¬£¬¸Ã¶ñÒâ»î¶¯ÎÞ·¨ÓëÈκÎÒÑÖªµÄ¹¥»÷Õß½øÐйØÁª¡£¡£¡£¡£¡£¡£Ä¿Ç°»¹²»ÄÜÈ·¶¨¹¥»÷ÕßµÄÖ÷ÕÅ£¬£¬£¬£¬£¬Ò²²»Ã÷ÏÔ¹¥»÷ÕßÓÃÓÚ·Ö·¢¶ñÒâÎĵµµÄ²½Ö裬£¬£¬£¬£¬µ«×îÓпÉÄܵÄÊÇͨ¹ýÓã²æÊ½´¹µö»î¶¯»òÉ罻ýÌåÆ½Ì¨½øÐзַ¢¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±Ôڻ㱨ÖÐÅû¶Á˸ü¶àµÄ¼¼Êõϸ½ÚºÍ¹¥»÷¹¦·òÖá¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://blog.talosintelligence.com/2018/11/dnspionage-campaign-targets-middle-east.html4¡¢ÃÀ¹úiOSÓû§Ôâ´ó¹æÄ£¶ñÒâ¸æ°×»î¶¯¹¥»÷
°²È«³§ÉÌConfiant·¢ÏÖÒ»¸öÕë¶ÔÃÀ¹úiOSÓû§µÄ´ó¹æÄ£¶ñÒâ¸æ°×»î¶¯¡£¡£¡£¡£¡£¡£11ÔÂ12ÈոöñÒâ»î¶¯·è¿ñìÉý£¬£¬£¬£¬£¬·¸×ï·Ö×ÓÔÚ48Ó×ʱÄÚ½Ù³ÖÁ˳¬¹ý3ÒÚ¸öä¯ÀÀÆ÷»á»°¡£¡£¡£¡£¡£¡£¸Ã¶ñÒâ»î¶¯Í¨¹ýºÏ·¨ÍøÕ¾ÉϵĶñÒâ¸æ°×½«Óû§³Á¶¨ÏòÖÁһϵÁеÄÒ»Ê±ÍøÕ¾£¬£¬£¬£¬£¬²¢ÏòÓû§ÍÆËͳÉÈËÍøÕ¾»òÀñÎ│Ö÷ÌâµÄڿƻ¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±½«¸Ã¶ñÒâ»î¶¯¹ØÁªÖÁ·¸×ïÍÅ»ïScamClub¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/us-ios-users-targeted-by-massive-malvertising-campaign/5¡¢¶íº¥¶íÖÝÒ½ÔºÔâÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬£¬£¬¼¹Øï·þÎñ±»ÆÈÖжÏ
¾ÝThe Times Leader±¨Â·£¬£¬£¬£¬£¬11ÔÂ23ÈÕÐÇÆÚÎåÍíÉ϶«¶íº¥¶íµØÓòÒ½ÔººÍ¶íº¥¶í¹ÈÒ½ÁÆÖÐÐĵÄÍÆËã»úϵͳÔâÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬£¬£¬ÒÔÖÁÒ½ÔºµÄ¼¹Øï·þÎñ±»ÆÈÖжϡ£¡£¡£¡£¡£¡£¸ÃµØÓòµÄ¼¹ØïÐÐÁÐÒѽ«²¡ÈË×ªÒÆÖÁÆäËüµØÓòµÄÒ½Ôº¡£¡£¡£¡£¡£¡£ºÃÐÂÎÅÊÇ£¬£¬£¬£¬£¬Ã»Óл¼ÕßµÄÊý¾ÝÔÚÕâ´Î¹¥»÷ÊÂÎñÖÐй¶¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/78441/breaking-news/ohio-hospital-system-ransomware.html6¡¢UberÒò2016ÄêÊý¾Ýй¶±»ºÉÀ¼ºÍÓ¢¹ú·£¿£¿£¿£¿£¿£¿î120ÍòÃÀÔª
Ó¢¹úµÄÐÅϢרԱ°ì¹«ÊÒ£¨ICO£©ÒÔ¼°ºÉÀ¼µÄÊý¾Ý±£»£»£»£»£»£»£»£»¤»ú¹¹Autoriteit Persoonsgegevens±ðÀëÒò2016Äê10ÔµÄÊý¾Ýй¶ÊÂÎñ¶ÔUber´¦ÒÔ38.5ÍòÓ¢°÷ºÍ60ÍòÅ·ÔªµÄ·£¿£¿£¿£¿£¿£¿î¡£¡£¡£¡£¡£¡£ICO°µÊ¾¸ÃÊÂÎñÓ°ÏìÁËÓ¢¹úµÄ270ÍòUberÓû§ÒÔ¼°8.2Íò˾»ú¡£¡£¡£¡£¡£¡£ºÉÀ¼DPA³ÆÓÐ17.4ÍòºÉÀ¼¹«ÃñÊܵ½Ó°Ïì¡£¡£¡£¡£¡£¡£·£¿£¿£¿£¿£¿£¿îµÄÖØÒªÔÒòÊÇUberÑÓ³¤Á˽üÒ»Äê²Å»ã±¨Õâ´Îй¶ÊÂÎñ£¬£¬£¬£¬£¬ÕâÑϳÁÎ¥·´ÁËÓйØË¾·¨ÌõÀý£¬£¬£¬£¬£¬²¢ÇÒʹÊÜÓ°ÏìµÄÓû§ºÍ˾»úÃæ¶Ô¸ü¸ßµÄڲƷçÏÕ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/uber-fined-for-covering-up-2016-data-breach/
ÉêÃ÷£º±¾×ÊѶÓÉ8827Ì«Ñô¼¯ÍÅάËûÃü°²È«Ó××é·ÒëºÍÕû¶Ù


¾©¹«Íø°²±¸11010802024551ºÅ