ÄÜÔ´¹©¸øÉÌE.Onй¶497¸ö¿Í»§µÄµç×ÓÓʼþµØÖ·£»£»£»£»£»Ë¼¿Æ½¨¸´ÍøÂçºÍͨѶÉ豸ÖеÄ18¸ö·ì϶
°ä²¼¹¦·ò 2019-07-08
ÄÜÔ´¹©¸øÉÌE.On³ÆÆäÒ»¸ö¡°ÏµÍ³ÃýÎó¡±µ¼ÖÂÊý°Ù¸ö¿Í»§µÄµç×ÓÓʼþµØÖ·ÔÚÒDZíÅ̶ÁÊýÒªÇóÖÐй¶¡£¡£¡£¡£¡£¡£¡£¡£¸Ã×Ô¶¯ÓʼþÕý±¾½öÕë¶ÔÿÓ×ÎÒ£¬£¬£¬£¬£¬µ«ÓʼþÖÐÃýÎóµØÁгöÁËÁí±í497¸öÊÕ¼þÈË¡£¡£¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾³Æ¸ÃÊÂÎñûÓе¼ÖÂÈκÎÕË»§ÐÅÏ¢»ò²ÆÕþϸ½Úй¶¡£¡£¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾»¹°µÊ¾ÔÚ½øÐÐÄÚ²¿µ÷²é£¬£¬£¬£¬£¬²¢»áÔÚ±ØÒªÊ±Í¨ÖªÓйص±¾Ö¡£¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bbc.com/news/technology-488883832.й¥»÷»î¶¯ÀûÓÃGolang¶ñÒâÈí¼þ¶Ô×¼Linux·þÎñÆ÷
F5 Networks×êÑÐÈËÔ±·¢ÏÖÒ»¸öеĶñÒâÍÚ¿ó»î¶¯£¬£¬£¬£¬£¬¸Ã»î¶¯ÖØÒªÏòLinux·þÎñÆ÷·Ö·¢ÐµÄGolang¶ñÒâÈí¼þ¡£¡£¡£¡£¡£¡£¡£¡£¸Ã»î¶¯ÓÚ6ÔÂ10ÈÕ×óÓÒÆðÍ·£¬£¬£¬£¬£¬Ä¿Ç°ÒѾϰȾÁËÊýǧ̨»úе¡£¡£¡£¡£¡£¡£¡£¡£¹¥»÷Õß½«¶ñÒâ´úÂëÍйÜÔÚ±»ÈëÇÖµÄÖÐÎĵçÉÌÍøÕ¾ÉÏ£¬£¬£¬£¬£¬²¢Ê¹ÓÃPastebin·þÎñÍйÜbash¾ç±¾¡£¡£¡£¡£¡£¡£¡£¡£¹¥»÷ÕßÀûÓÃ7ÖÖ²½Öè½øÐд«²¼£¬£¬£¬£¬£¬Ô̺¬4¸öWebÀûÓ÷ì϶¡¢SSHÍ´´¦Ã¶¾Ù¡¢RedisÊý¾Ý¿âÃÜÂëö¾ÙÒÔ¼°ÀûÓÃÒÑÓÐSSHÃØÔ¿ÏÎ½ÓÆäËüÍÆËã»ú¡£¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/88005/malware/cryptomining-campaign-golang-malware.html3.´È±¯»ú¹¹St John AmbulanceÔâÀÕË÷Èí¼þ¹¥»÷
ÃÀ¹ú¼±¾È´È±¯»ú¹¹St John AmbulanceÔâÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬£¬£¬ËùÓвÎÓëÁËÅàѵ¿Î³ÌµÄÓû§Êý¾Ý¶¼ÊÜÓ°Ïì¡£¡£¡£¡£¡£¡£¡£¡£¸Ã»ú¹¹ÓÚ7ÔÂ2ÈÕ·¢ÏÖÊÜÀÕË÷²¡¶¾Ï°È¾£¬£¬£¬£¬£¬²¨¼°µÄÓû§Êý¾ÝÔ̺¬Ô¤Ô¼ºÍ²ÎÓëÅàѵ¿Î³ÌµÄÈËÔ±ÐÕÃû¡¢¿Î³ÌÏêÇé¡¢ÁªÏµÐÅÏ¢¡¢Óöȡ¢·¢Æ±ÒÔ¼°¼ÝÕÕÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£¡£¸Ã»ú¹¹³ÆÕâ´Î¹¥»÷²¢Î´¶ÔÆäÔËӪϵͳ²úÉúÓ°Ïì¡£¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://cyware.com/news/st-john-ambulance-hit-with-ransomware-attack-af0b80474.¿ËÂÞµØÑǵ±¾ÖÔâ¶ñÒâÈí¼þSilentTrinity¹¥»÷
¿ËÂÞµØÑǵ±¾ÖÔ±¹¤ÔÚ2019Äê2ÔÂÖÁ4ÔÂÆÚ¼äÔâµ½´¹µö¹¥»÷£¬£¬£¬£¬£¬¸Ã´¹µöÓʼþ¼Ù×°³É¿ËÂÞµØÑÇÓÊÕþ»òÆäËüÁãÊÛ·þÎñµÄËÍ»õ֪ͨ£¬£¬£¬£¬£¬Í¨¹ý¶ñÒâURLÏòÓû§·Ö·¢Ô̺¬¶ñÒâºêµÄExcelÎĵµ¡£¡£¡£¡£¡£¡£¡£¡£¸ÃÎĵµÔÚ¹¥»÷ÆÚ¼ä·Ö·¢¹ýÁ½ÖÖpayload£¬£¬£¬£¬£¬Ò»¸öÊÇEmpireºóÃÅ£¬£¬£¬£¬£¬ÁíÒ»¸öÊÇSilentTrinity¡£¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/croatian-government-targeted-by-mysterious-hackers/5.˼¿Æ½¨¸´ÍøÂçºÍͨѶÉ豸ÖеÄ18¸ö·ì϶
˼¿Æ°ä²¼Ò»ÏµÁÐ17¸ö°²È«¸üУ¬£¬£¬£¬£¬½¨¸´ÍøÂçºÍͨѶÉ豸ÖеÄ18¸ö·ì϶¡£¡£¡£¡£¡£¡£¡£¡£·ì϶ÁìÓòÔ̺¬´ÓºÅÁîºÍ´úÂëÖ´Ðе½»Ø¾ø·þÎñµÈ¡£¡£¡£¡£¡£¡£¡£¡£½ÏΪÑϳÁµÄ·ì϶Ô̺¬Web Security ApplianceÖÐÓÉÓÚ·¢ËÍÌåʽÃýÎóµÄÖ¤Êéµ¼ÖµĻؾø·þÎñ·ì϶ÒÔ¼°JabberÖеÄDLLÔ¤¼ÓÔØ´úÂëÖ´Ðзì϶¡£¡£¡£¡£¡£¡£¡£¡£Ë¼¿ÆSmall Business»¥»»»ú½¨¸´Á½¸ö¸ßΣ·ì϶£¬£¬£¬£¬£¬ÆäÖÐÒ»¸öÊÇHTTPÒªÇóµ¼ÖµĻؾø·þÎñ·ì϶£¬£¬£¬£¬£¬ÁíÒ»¸öÊÇSSLÖ¤Êé´¦Öùý³ÌÖеÄÄÚ´æ°Ü»µ·ì϶¡£¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.theregister.co.uk/2019/07/05/cisco_patch_fix/6.Magento½¨¸´¿Éµ¼ÖÂÍøÕ¾±»ÊÕÊܵݲȫ·ì϶
Magento½¨¸´Ò»¸ö°²È«·ì϶£¬£¬£¬£¬£¬¸Ã·ì϶¿ÉÔÊÐíδ¾Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß½Ù³ÖÖÎÀí»Ø»°²¢ÊÕÊÜÍøÕ¾¡£¡£¡£¡£¡£¡£¡£¡£Æ¾¾ÝRIPS TechnologiesµÄ·ÖÎö»ã±¨£¬£¬£¬£¬£¬¹¥»÷ÕßÊ×ÏÈ¿ÉÀûÓô洢ÐÍXSS·ì϶½«JavaScript payload×¢ÈëMagentoÉ̵êµÄÖÎÀíºó¶Ë¡£¡£¡£¡£¡£¡£¡£¡£Í¨¹ýÕâÖÖ·½Ê½£¬£¬£¬£¬£¬¹¥»÷Õ߿ɽٳÖÖÎÀí²Ç»°£¬£¬£¬£¬£¬¶øºóÀûÓÃRCE·ì϶£¨Phar·´ÐòÁл¯·ì϶£©À´ÊÕÊÜÔÚÏßÉ̵ꡣ¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/87955/hacking/magento-security-flaws.html


¾©¹«Íø°²±¸11010802024551ºÅ