ά»ù°Ù¿ÆÔâDDoS¹¥»÷ £¬ £¬£¬£¬£¬ £¬£¬£¬ÊýÓ×ʱºó¸´Ô­£»£»£» £»£» £»ºÚ¿ÍÀûÓÃDoS·ì϶µ¼ÖÂÃÀ¹úµçÍø·À»ðǽ·´¸´³ÁÆô

°ä²¼¹¦·ò 2019-09-10

1.ά»ù°Ù¿ÆÔâDDoS¹¥»÷ £¬ £¬£¬£¬£¬ £¬£¬£¬ÊýÓ×ʱºó¸´Ô­


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ά»ù°Ù¿ÆÔâ·ê¶ñÒâÍøÂç¹¥»÷µ¼Ö¶à¸ö¹ú¶ÈµÄÍøÕ¾å´»úÏÂÏß £¬ £¬£¬£¬£¬ £¬£¬£¬±¾´Î¹¥»÷²úÉúÔÚ9ÔÂ8ÈÕÁ賿2µã×óÓÒ £¬ £¬£¬£¬£¬ £¬£¬£¬ÖØÒªÊܵ½Ó°ÏìµÄÊÇÅ·ÖÞºÍÖж«Óû§¡£¡£¡£¡£¡£ ¡£¡£Î¬»ù°Ù¿Æ»ù½ð»á֤ʵÁËÕâ´Î¹¥»÷²¢Í¨ÖªÓû§Æäר¼ÒÒѾ­ÔÚÖÂÁ¦¸´Ô­Õý³£ÔËÓª¡£¡£¡£¡£¡£ ¡£¡£Î¬»ù°Ù¿ÆÃ»Óн«¹¥»÷¹éÒòÓÚÌØ¶¨µÄ¹¥»÷Õß £¬ £¬£¬£¬£¬ £¬£¬£¬²¢°µÊ¾²»ÄÜÅųýËü¿ÉÄÜÊDzâÊԿɹ©³ö×âµÄDDoS½©Ê¬ÍøÂç¹¥»÷Á¦µÄʾ·¶ÐÔ¹¥»÷¡£¡£¡£¡£¡£ ¡£¡£Æ¾¾ÝÀ´×Ô·ÖÆç¹ú¶ÈµÄÓû§µÄ˵·¨ £¬ £¬£¬£¬£¬ £¬£¬£¬ÊýÓ×ʱºóÒѸù»ù¸´Ô­ÁËÕý³£·þÎñ £¬ £¬£¬£¬£¬ £¬£¬£¬µ«Î¬»ù°Ù¿ÆÉÐδÕýʽȷÈÏÆëÈ«½â³ý¸ÃÎÊÌâ £¬ £¬£¬£¬£¬ £¬£¬£¬ÊÂÎñËÆºõÈÔÔÚµ÷²éÖС£¡£¡£¡£¡£ ¡£¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/90998/hacking/wikipedia-suffers-ddos-attack.html


2.ºÚ¿ÍÀûÓÃDoS·ì϶µ¼ÖÂÃÀ¹úµçÍø·À»ðǽ·´¸´³ÁÆô


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


±±ÃÀµçÁ¦¿¿µÃסÐÔ¹«Ë¾£¨NERC£©ÉÏÖܰµÊ¾½ñÄêÔçЩʱ³½Ó°ÏìÃÀ¹úµçÍøÊµÌåµÄÍøÂ簲ȫÊÂÎñ²¢Ã»ÓÐ×î³õÉèÏëµÄÄÇÑùΣÏÕ¡£¡£¡£¡£¡£ ¡£¡£NERCÔÚÒ»·Ý»ã±¨ÖÐÖ¸³ö £¬ £¬£¬£¬£¬ £¬£¬£¬ºÚ¿ÍÔÚ2019Äê3ÔÂ5ÈÕÀûÓÃDoS·ì϶µ¼ÖµçÍø·À»ðǽÔÚ10Ó×ʱÄÚ·´¸´³ÁÆô £¬ £¬£¬£¬£¬ £¬£¬£¬¸ÃÊÂÎñÖ»Ó°ÏìÁËһЩµÍÓ°Ïì¼¶·¢µçÕ¾µãµÄÍøÂç±íΧ·À»ðǽ £¬ £¬£¬£¬£¬ £¬£¬£¬²¢Ã»ÓÐÔì³ÉµçÁ¦¹©¸øµÄÈκÎÖжÏ¡£¡£¡£¡£¡£ ¡£¡£ËæºóµÄ·ÖÎöÈ·¶¨³ÁÆôÊÇÓÉÀûÓÃÒÑÖª·À»ðǽ·ì϶µÄ±í²¿ÊµÌåÌáÒéµÄ £¬ £¬£¬£¬£¬ £¬£¬£¬ÔËÓªÉÌ×îÖÕ·¢ÏÖËûÃÇδÄÜΪÊܵ½¹¥»÷µÄ·À»ðǽÀûÓù̼þ¸üР£¬ £¬£¬£¬£¬ £¬£¬£¬ÔÚ²Ù×÷Ô±²¿ÊðÊʵ±µÄ²¹¶¡ºó £¬ £¬£¬£¬£¬ £¬£¬£¬·À»ðǽ²»ÔÙ³ÁÆô¡£¡£¡£¡£¡£ ¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/cyber-security-incident-at-us-power-grid-entity-linked-to-unpatched-firewalls/


3.Telestar±»ÆØTelnetºóÃÅ·ì϶ӰÏì100¶àÍòIoTÉ豸


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


±¾ÖÜÒ»Vulnerability-Lab×êÑÐÔ±Benjamin KunzÅû¶Telestar Digital GmbHÎÞÏßµçIoTÉ豸ÖеÄÁ½¸öÑϳÁ·ì϶£¨CVE-2019-13473ºÍCVE-2019-13474£© £¬ £¬£¬£¬£¬ £¬£¬£¬¿ÉÔÊÐí¹¥»÷ÕßÔ¶³Ì½Ù³Öϵͳ¡£¡£¡£¡£¡£ ¡£¡£ÊÜÓ°ÏìµÄÉ豸Ô̺¬¸Ã¹«Ë¾µÄImperial£¦DabmanϵÁвúÆ· £¬ £¬£¬£¬£¬ £¬£¬£¬ÆäÖÐÔ̺¬±ãЯʽÊÕÒô»úºÍDABÁ¢ÌåÉùϵͳ¡£¡£¡£¡£¡£ ¡£¡£ÕâЩ²úÆ·ÖØÒªÔÚÅ·ÖÞÏúÊÛ £¬ £¬£¬£¬£¬ £¬£¬£¬»ùÓÚBusyBox Linux Debian²¢ÀûÓÃÀ¶ÑÀºÍ»¥ÁªÍøÏνÓ¡£¡£¡£¡£¡£ ¡£¡£Kunz·¢ÏÖÕâЩÉ豸ÔÚ23¶Ë¿ÚÉÏÆôÓÃÁËTelnet·þÎñ £¬ £¬£¬£¬£¬ £¬£¬£¬µ«Ã»ÓÐÎĵµ¼Í¼ £¬ £¬£¬£¬£¬ £¬£¬£¬ÓÉÓÚѡȡÁËÈõÃÜÂë £¬ £¬£¬£¬£¬ £¬£¬£¬×êÑÐÍŶÓÄܹ»ÔÚ10·ÖÖÓÄÚ»ñÈ¡root½Ó¼ûȨÏÞ¡£¡£¡£¡£¡£ ¡£¡£×êÑÐÈËÔ±³Æ¿ÉÄÜÓг¬¹ý100Íǫ̀Éè±¸Ãæ¶Ô·çÏÕ¡£¡£¡£¡£¡£ ¡£¡£

  Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/critical-vulnerabilities-impact-over-a-million-iot-radio-devices/


4.Facebook½¨¸´HHVM·þÎñÆ÷ÖеÄÐÅϢй¶/DoS·ì϶


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Facebook½¨¸´Æä·þÎñÆ÷ÀûÓ÷¨Ê½ÖеÄÁ½¸ö¸ßΣ·ì϶ £¬ £¬£¬£¬£¬ £¬£¬£¬ÕâЩ·ì϶¿ÉÄÜÔÊÐíÔ¶³Ì¹¥»÷Õß½öͨ¹ýÉÏ´«¶ñÒâ»ú¹ØµÄJPEGͼÏñÎļþÀ´Î´ÊÚȨ»ñÈ¡Ãô¸ÐÐÅÏ¢»òµ¼Ö»ؾø·þÎñ¡£¡£¡£¡£¡£ ¡£¡£·ì϶´æÔÚÓÚHHVM£¨HipHopÐé¹¹»ú£©ÖÐ £¬ £¬£¬£¬£¬ £¬£¬£¬ÓÉÓÚ¸ÃÀûÓ÷¨Ê½ÊÇ¿ªÔ´ÇÒÃâ·ÑµÄ £¬ £¬£¬£¬£¬ £¬£¬£¬Òò¶øÆäËüʹÓÃHHVMµÄÍøÕ¾¿ÉÄÜÒ²ÊÜÓ°Ïì £¬ £¬£¬£¬£¬ £¬£¬£¬Ô̺¬Wikipedia¡¢BoxµÈ £¬ £¬£¬£¬£¬ £¬£¬£¬ÓÈÆäÊÇÄÇЩÔÊÐíÓû§ÔÚ·þÎñÆ÷ÉÏÉÏ´«Í¼ÏñµÄÍøÕ¾¡£¡£¡£¡£¡£ ¡£¡£ÕâÁ½¸ö·ì϶Ô̺¬£ºCVE-2019-11925 £¬ £¬£¬£¬£¬ £¬£¬£¬HHVMµÄGDÀ©´óÖд¦ÖÃJPEG APP12¿éÏóÕ÷ʱÌìǵ²é³­²»¼° £¬ £¬£¬£¬£¬ £¬£¬£¬¿Éµ¼Ö½ӼûÔ½½çÄڴ棻£»£» £»£» £»CVE-2019-11926 £¬ £¬£¬£¬£¬ £¬£¬£¬ÔÚGDÀ©´óÖд¦ÖÃÀ´×ÔJPEG±êÍ·µÄM_SOFxÏóÕ÷ʱÌìǵ²é³­²»¼° £¬ £¬£¬£¬£¬ £¬£¬£¬¿Éµ¼Ö½ӼûÔ½½çÄÚ´æ¡£¡£¡£¡£¡£ ¡£¡£½¨ÒéÓû§¾¡¿ì¸üе½×îа汾¡£¡£¡£¡£¡£ ¡£¡£


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2019/09/facebook-hhvm-vulnerability.html


5.ÃÀ¹úÍøÂç˾ÁÏòVirusTotalÉÏ´«11¸ö¶ñÒâÈí¼þÑù±¾


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ÃÀ¹úÍøÂç˾Á£¨USCYBERCOM£©ÏòVirusTotalÉÏ´«ÁË11¸ö¶ñÒâÈí¼þÑù±¾ £¬ £¬£¬£¬£¬ £¬£¬£¬ËùÓÐÕâЩÑù±¾¶¼Ó볯ÏÊAPT×éÖ¯LazarusÓйØ¡£¡£¡£¡£¡£ ¡£¡£½«¶ñÒâÑù±¾¹²Ïí¸øÐÅÏ¢°²È«ÉçÇøÊÇUSCYBERCOMÍøÂç¹ú¶ÈʹÃü¶ÓÁУ¨CNMF£©·¢Õ¹µÄÏîÖ÷ÕÅÒ»²¿ÃÅ £¬ £¬£¬£¬£¬ £¬£¬£¬¸ÃÏîÄ¿ÓÚ2018Äê11ÔÂÆô¶¯¡£¡£¡£¡£¡£ ¡£¡£Õâ11¸öÑù±¾ÖдóÎÞÊý¶¼ÒÔ32λϵͳ×÷Ϊָ±ê £¬ £¬£¬£¬£¬ £¬£¬£¬Ñù±¾²¢²»ÊÇ×îÐ嵀 £¬ £¬£¬£¬£¬ £¬£¬£¬ÆäÖÐ10¸öÊÇ2017Äê´´½¨µÄ £¬ £¬£¬£¬£¬ £¬£¬£¬µÚ11¸öÊÇÔÚ2018Äê2Ô´´½¨µÄ¡£¡£¡£¡£¡£ ¡£¡£´óÎÞÊýÑù±¾Ò²Óë¶ñÒâ»î¶¯Operation GhostSecretÓÐ¹Ø £¬ £¬£¬£¬£¬ £¬£¬£¬ÕâÊÇÒ»¸öÐÅÏ¢ÇÔÈ¡¹¥»÷»î¶¯ £¬ £¬£¬£¬£¬ £¬£¬£¬McAfeeÓÚ2018Äê4Ô½«Æä¹é×ïÓÚLazarus¡£¡£¡£¡£¡£ ¡£¡£ 


Ô­ÎÄÁ´½Ó£º

https://www.cyberscoop.com/cyber-command-virus-total-north-korean-malware/


6.¶ñÒâ¸æ°×ÀûÓÃ4¸öEKÏòWindowsÓû§·Ö·¢ÀÕË÷Èí¼þ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


°²È«×êÑÐÔ±nao_secÔÚÖÜÄ©ÖÁÖÜÒ»ÆÚ¼ä·¢ÏÖ4¸ö·ÖÆçµÄ¶ñÒâ¸æ°×»î¶¯ÀûÓÃEKÏòÓû§·Ö·¢ÀÕË÷Èí¼þ¡¢Ä¾Âí¡¢¼ôÌù°å½Ù³Ôì÷µÈ¡£¡£¡£¡£¡£ ¡£¡£ÖÜÁùnao_sec¹Û²ìµ½GrandSoft EKÔÚ·Ö·¢ÒøÐÐľÂíRamnit £¬ £¬£¬£¬£¬ £¬£¬£¬ÖÜÈÕRig EKÀûÓÃCVE-2018-15982£¨Flash Player£©¡¢CVE-2018-8174£¨Microsoft IE VBScriptÒýÇæ£©µÈ·ì϶·Ö·¢¼ôÌù°å½Ù³Ôì÷¼°AmadeyľÂí¡£¡£¡£¡£¡£ ¡£¡£´Ë±í £¬ £¬£¬£¬£¬ £¬£¬£¬ÖÜÒ»Fallout EKÀûÓÃÒ»ÑùµÄ·ì϶·Ö·¢¼ôÌù°å½Ù³Ôì÷ £¬ £¬£¬£¬£¬ £¬£¬£¬¶øRadio EKÔòÔÚÍÆ¶¯×°ÖÃÀÕË÷Èí¼þNemty¡£¡£¡£¡£¡£ ¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/exploit-kits-target-windows-users-with-ransomware-and-trojans/