Docker image root account empty password; Samsung SmartThings source code leak; Turla APT

Published: 2019-05-10

1. Alpine Linux Docker image has a root account empty-password vulnerability



The official Alpine Linux Docker image has a root account empty-password vulnerability (CVE-2019-5021). The vulnerability has existed for more than three years and has a CVSS score of 9.8. It was first discovered and fixed in 2015, but a change made in December 2015 reintroduced it, and it has been present ever since. Specifically, the user account configuration file /etc/shadow contains an empty sp_pwdp field instead of an encrypted password. Affected versions include Alpine Docker 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9 and Alpine Docker Edge. The vulnerability was fixed on March 8, 2019.


Original article: https://www.bleepingcomputer.com/news/security/bug-in-alpine-linux-docker-image-leaves-root-account-unlocked/
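
As an added example (not from the original article or from the Alpine project), the shell functions below check a shadow-format file for the condition described in item 1: an empty sp_pwdp field. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Classify the password field (sp_pwdp, 2nd colon-separated field) of each
# entry in a shadow-format file:
#   EMPTY  - no password set: the account accepts an empty password
#   LOCKED - field starts with '!' or '*': password login is disabled
#   HASHED - anything else (treated as a crypt(3) hash)
classify_shadow() {
    awk -F: '
        $0 == "" || /^#/ { next }                       # skip blanks/comments
        NF < 2           { print $1 ":MALFORMED"; next }
        $2 == ""         { print $1 ":EMPTY";  next }
        $2 ~ /^[!*]/     { print $1 ":LOCKED"; next }
                         { print $1 ":HASHED" }
    ' "$1"
}

# Return 1 (and report on stderr) if any account has an empty password field.
audit_shadow() {
    empty=$(classify_shadow "$1" | awk -F: '$2 == "EMPTY" { print $1 }' | tr '\n' ' ')
    if [ -z "$empty" ]; then
        return 0
    fi
    echo "empty password field in $1: $empty" >&2
    return 1
}

# Constructed sample files: one with the flaw, one with root locked.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/vulnerable" <<'EOF'
root:::0:::::
bin:!::0:::::
EOF
cat > "$SAMPLE_DIR/fixed" <<'EOF'
root:!::0:::::
bin:!::0:::::
app:$6$constructedsalt$constructedhash:18026:0:99999:7:::
EOF

classify_shadow "$SAMPLE_DIR/vulnerable"
audit_shadow "$SAMPLE_DIR/vulnerable" || echo "vulnerable sample flagged"
audit_shadow "$SAMPLE_DIR/fixed" && echo "fixed sample clean"
```

Pointed at the /etc/shadow extracted from an image, a nonzero exit status from audit_shadow can be used to fail a build.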


2. Google releases May Android security update, fixing 15 vulnerabilities



Google fixed 15 vulnerabilities in its May Android security update, including 4 critical, 10 high-severity and 1 medium-severity vulnerability. The 4 critical vulnerabilities (CVE-2019-2045, CVE-2019-2046, CVE-2019-2047 and CVE-2019-2044) are all remote code execution flaws. Three of them relate to core system applications (dialer, email and camera) and the fourth relates to the media framework component; no further patch details have been disclosed so far. In addition, Google released patches for multiple vulnerabilities in components from third-party vendors such as NVIDIA, Broadcom and Qualcomm, bringing the total number of CVEs fixed to 30.


Original article: https://threatpost.com/google-critical-remote-code-execution-flaws-android/144497/


3. Samsung accidentally leaks SmartThings source code and internal keys for multiple projects



ÈýÐǹ¤³ÌʦµÄÒ»¸öGitLab·þÎñÆ÷±»ÃýÎóµØÅäÖÃΪpublic²¢ÇÒδÉèÖÃÃÜÂë±£»£»£»£»£»£»£»£»¤£¬ £¬£¬£¬£¬£¬£¬£¬µ¼Ö´óÁ¿Ãô¸ÐÐÅϢй¶¡£¡£ ¡£¡£¡£¡£¸Ã·þÎñÆ÷ÍйÜÔÚÈýÐǵÄÓòÃûVandev LabÉÏ£¬ £¬£¬£¬£¬£¬£¬£¬Æ¾¾ÝµÏ°Ý°²È«³§ÉÌSpiderSilk×êÑÐÈËÔ±Mossab HusseinµÄ·¢ÏÖ£¬ £¬£¬£¬£¬£¬£¬£¬¸Ã·þÎñÆ÷й¶ÁËSmartThingsÈí¼þµÄÔ´´úÂëºÍ˽ÓÐÖ¤Ê飬 £¬£¬£¬£¬£¬£¬£¬»¹Ð¹Â¶Á˶àÃûÔ±¹¤µÄÃ÷ÎÄ˽ÓÐGitLabÁîÅÆÒÔ¼°Ò»Ð©ÄÚ²¿ÎĵµºÍPPT¡£¡£ ¡£¡£¡£¡£


Original article: https://techcrunch.com/2019/05/08/samsung-source-code-leak/


4. Hacker groups leak sensitive personal data of 30,000 Roman lawyers



The hacker groups LulZSec and Ita published the personal data of 30,000 Roman lawyers online, including even the data of the mayor of Rome. The groups reportedly stole information on lawyers registered in Matera and Catanzaro; the stolen data includes email accounts, personal information and credentials for accessing PEC accounts. The groups made no ransom demand over the data and said they would not use it for malicious activity.


Original article: https://cyware.com/news/lulzsec-and-ita-hacktivist-groups-publish-the-personal-data-of-30000-roman-lawyers-6ac94567


5. Turla APT uses LightNeuron backdoor to hijack Exchange servers



According to a report by ESET researchers, the Russian criminal group Turla APT has been using the LightNeuron backdoor to hijack Microsoft Exchange mail servers since 2014. The victim organizations identified by the researchers include an organization in Brazil and diplomatic institutions in Eastern Europe and the Middle East. LightNeuron is the first malware to target Exchange servers; it can read and modify any email passing through the mail server, compose and send new emails, and block any email.


Original article: https://cyware.com/news/turla-threat-actor-group-hijacks-microsoft-exchange-mail-server-using-sophisticated-lightneuron-backdoor-d615cc04


6. US-CERT publishes analysis report on Lazarus APT malicious tool ELECTRICFISH



The US Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) published a joint analysis report (MAR) on the ELECTRICFISH malware. The malware is a tool used by the North Korean APT group Lazarus to collect and steal victims' data. ELECTRICFISH implements a custom protocol that allows traffic to be tunneled between a source and a destination IP address. Attackers can configure it with a proxy server/port, thereby bypassing the authentication required by the infected system.


Original article: https://www.us-cert.gov/ncas/analysis-reports/AR19-129A