"Vitamin" Daily Security Brief 20181226
Published: 2018-12-26
Researchers at MWR InfoSecurity found security vulnerabilities in Twinkly LED smart lights that allow an attacker to control the lights remotely. Twinkly lights are managed through a mobile app, but communication between the app and the lights is not encrypted, and the authentication process is flawed. The researchers were able to use hard-coded credentials in the firmware to control the lights remotely over the MQTT protocol, and even to play Snake using the changing lights. The researchers estimate that about 20,000 devices on the internet are vulnerable, but the risk posed by this attack is low; it is closer to a prank.
Original article:
https://www.bleepingcomputer.com/news/security/hacking-christmas-lights-for-fun-and-mischief/

2. IBM Trusteer Rapport for MacOS has a kernel-level vulnerability; no patch is available yet
Researchers at Trustwave SpiderLabs found a kernel-level vulnerability in the driver of the IBM Trusteer Rapport endpoint security tool. Because IBM did not release a patch within 120 days, the researchers disclosed the vulnerability publicly. Trusteer Rapport for MacOS is used to lock down the browser when a user connects to a malicious website, protecting the user's sensitive information. The researchers found a signedness error in the way the driver handles a user buffer; the error can lead to memory corruption in the MacOS kernel and ultimately to arbitrary code execution at kernel level. The vulnerability can only be exploited through a local attack, which reduces its risk somewhat.
Original article:
https://securityaffairs.co/wordpress/79141/hacking/kernel-buffer-overflow-trusteer-rapport.html

3. Banking trojan DanaBot mainly targets European banks and e-mail providers
F5 Networks found that the banking trojan DanaBot was very active between November 7 and December 4, 2018. Its targets spanned multiple industries in multiple countries, including banks, e-mail providers and Bitcoin exchanges. 88% of DanaBot's targets were bank customers, mainly in Italy, followed by Poland and Germany. 11% of its targets were e-mail providers, mainly in the United States. DanaBot's malicious activity peaked on November 21.
Original article:
https://www.f5.com/labs/articles/threat-intelligence/danabot-november-campaigns-target-european-banks

4. Tsunami-warning spam aimed at Japanese citizens mainly distributes Smoke Loader and AZORult
In November 2018, FortiGuard Labs discovered a tsunami-warning spam campaign aimed at Japanese citizens. The spam contains a malicious link made to look as if it points to the Japan Meteorological Agency (JMA), and it is used to distribute the Smoke Loader and AZORult trojans. The fake JMA website is currently still acting as a C&C server for AZORult and redirects users to the legitimate JMA website. The text of the spam is not written in native Japanese and contains grammatical errors, so it may have been written by a foreigner or machine-translated. After November 25, the malware downloaded from the malicious link changed from Smoke Loader to AZORult; the C&C domain for both is jma-go[.]jp.
Original article:
https://www.fortinet.com/blog/threat-research/fake-tsunami-brings-malware-to-japan.html

5. 18 months after the initial outbreak, hundreds of thousands of computers are still infected with WannaCry
According to research by Jamie Hankins, head of threat intelligence at Kryptos Logic, hundreds of thousands of computers are still infected with the ransomware 18 months after the initial WannaCry outbreak. The ransomware's kill switch domain is now hosted on Cloudflare. According to Hankins's data, the WannaCry kill switch domain received more than 17 million connections in one week, coming from more than 630,000 distinct IP addresses across 194 different countries/regions. China, Indonesia and Vietnam are the top three in the ranking of countries still affected by WannaCry infections.
Original article:
https://www.bleepingcomputer.com/news/security/18-months-later-wannacry-still-lurks-on-infected-computers/

6. IBM X-Force publishes its predictions report for the 2019 cybercrime threat landscape
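IBM X-Force published a report of predictions for the 2019 cybercrime threat landscape. The report says that in 2019:
- enterprises will reduce their use of Social Security numbers as authentication identifiers;
- GDPR will have a broader impact on threat intelligence and cybersecurity;
- attackers will make more use of public-facing self-service systems to collect valuable user data;
- cyber-insurance providers will cooperate more with security vendors;
- criminals will increasingly target data from the travel and hospitality industries;
- some stock short-selling may be linked to cyber attacks, and some such incidents or campaigns will be disclosed in 2019;
- malicious cryptomining attacks will make more use of PowerShell to run filelessly.
Original article:
https://securityintelligence.com/ibm-x-force-security-predictions-for-the-2019-cybercrime-threat-landscape/

Statement: This news brief was translated and compiled by the Vitamin security team of 8827太阳集团.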

