ºÚ¿Í¿ÉÀûÓü¤¹âÈëÇÖGoogleÖÇÄÜÓïÒô¸±ÊÖ£»£»£»£»£»£»£»ÒÁÀ¿Ëµ±¾Ö¶Â½Ø»¥ÁªÍø£¬£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚ×èÖ¹¿¹Òé»î¶¯
°ä²¼¹¦·ò 2019-11-06
½üÆÚ£¬£¬£¬£¬£¬£¬£¬£¬ÈÕ±¾µç×ÓͨѶ´óѧºÍÃÜЪ¸ù´óѧµÄ×êÑÐÈËÔ±·¢ÏÖ¿Éͨ¹ý¼¤¹âÈëÇֹȸ衢ƻ¹ûºÍÑÇÂíÑ·µÄÖÇÄÜÓïÒôÉ豸¡£¡£¡£¡£¡£¡£ÕâÖÖ±»³ÆÎª¡°¹âºÅÁµÄ¹¥»÷¿Éͨ¹ýÏòʹÓÃ΢»úµçϵͳ£¨MEMS£©µÄÂó¿Ë·çÉÏ·¢É伤¹âÊøÊµÏÖ£¬£¬£¬£¬£¬£¬£¬£¬Í¨¹ýµ÷Ôì¹âÊøµÄÇ¿¶È£¬£¬£¬£¬£¬£¬£¬£¬Äܹ»ÓÕÆMEMS²úÉúÓëÒôƵºÅÁîÒ»ÑùµÄµçÐźţ¬£¬£¬£¬£¬£¬£¬£¬×îÔ¶ÉõÖÁÄܹ»´Ó110Ã×±í¹¥»÷¡£¡£¡£¡£¡£¡£ÊÜÓ°ÏìµÄÉ豸Ô̺¬¹È¸èHome¡¢Nest Cam¡¢ÑÇÂíÑ·Echo¡¢Fire Cube TV¡¢iPhone¡¢ÈýÐÇGalaxy S9¡¢¹È¸èPixelºÍiPad¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±Ö¤Ã÷¸Ã¹¥»÷ÉõÖÁÄܹ»´ò¿ª³µ¿âÃÅ»ò½âËø·¿ÎÝÃÅ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/using-light-beams-to-control-google-apple-amazon-assistants/2¡¢ÒÁÀ¿Ëµ±¾Ö¶Â½Ø»¥ÁªÍø£¬£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚ×èÖ¹¿¹Òé»î¶¯
¾ÝNetBlocks±¨Â·£¬£¬£¬£¬£¬£¬£¬£¬´Ó±¾µØ¹¦·ò11ÔÂ5ÈÕ00:00ÆðÍ·£¬£¬£¬£¬£¬£¬£¬£¬ÒÁÀ¿ËÊ×¶¼°Í¸ñ´ïºÍÒÁÀ¿Ë´ó²¿ÃŵØÓòµÄ»¥ÁªÍø½ÓÈëÒѱ»¶Â½Ø£¬£¬£¬£¬£¬£¬£¬£¬È«¹úÁªÍøË®Æ½ÒѲ»µ½ÈÕ³£Ë®Æ½µÄ19%£¬£¬£¬£¬£¬£¬£¬£¬°Í¸ñ´ï¸÷µØÊýǧÍòÓû§ÏÂÏߣ¬£¬£¬£¬£¬£¬£¬£¬°ÍÊ¿À¡¢¿¨¶û°ÍÀºÍÆäËûÈ˶¡ÖÐÐͼÊÜÓ°Ïì¡£¡£¡£¡£¡£¡£ÍøÂçÕÉÁ¿Êý¾ÝÅú×¢ÕâÊÇÆù½ñΪֹÔÚÒÁÀ¿Ë¹Û²ìµ½µÄ×îÑϳÁµÄ¶ÏÍøÇé¿ö£¬£¬£¬£¬£¬£¬£¬£¬¶ø´ËǰÔÚÓп¹Òé»î¶¯²úÉúʱ£¬£¬£¬£¬£¬£¬£¬£¬ÒÁÀ¿Ëµ±¾ÖÔø²ÉÈ¡¹ý¶ÏÍø´ëÊ©¡£¡£¡£¡£¡£¡£×Ô½ñÄê10Ô³õÒÔÀ´£¬£¬£¬£¬£¬£¬£¬£¬ÒÁÀ¿ËÒ»ÏòÊܵ½È«¹úÐÔ¿¹Òé»î¶¯µÄ³å»÷¡£¡£¡£¡£¡£¡£¾Ý±¨Â·£¬£¬£¬£¬£¬£¬£¬£¬¿¹ÒéÃñ¶àµÄËßÇóÔ̺¬ÏÖµ±¾ÖÏĄ̂£¬£¬£¬£¬£¬£¬£¬£¬½øÐо¼Ã¶¦Ð£¬£¬£¬£¬£¬£¬£¬£¬¸ÄÉÆÉúÑÄǰÌáºÍÉç»á¸£Àû£¬£¬£¬£¬£¬£¬£¬£¬ÊµÏÖµòÂäµÈ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://netblocks.org/reports/iraq-shuts-down-internet-again-as-protests-intensify-Q8oOWz8n3¡¢Ó¡¶ÈVedantu¹«Ë¾Êý¾Ýй¶ӰÏì68.7ÍòÓû§
Ó¡¶È½ÌÓý¿Æ¼¼¹«Ë¾VedantuÔÚ¼¸¸öÔÂǰÔâ·êÊý¾Ýй¶ÊÂÎñ£¬£¬£¬£¬£¬£¬£¬£¬µ«Ö±µ½´Ë¿Ì²Å֪ͨ¿Í»§¡£¡£¡£¡£¡£¡£¾ÝHaveIBeenPwned³Æ£¬£¬£¬£¬£¬£¬£¬£¬¸ÃÊÂÎñ²úÉúÔÚ7Ô·ݣ¬£¬£¬£¬£¬£¬£¬£¬µ¼ÖÂ68.7ÍòVedantuÓû§µÄÓ×ÎÒÊý¾Ýй¶¡£¡£¡£¡£¡£¡£Ð¹Â¶µÄÊý¾ÝÌåʽΪJSON£¬£¬£¬£¬£¬£¬£¬£¬Ô̺¬ÐÕÃû¡¢µç×ÓÓʼþµØÖ·ºÍIPµØÖ·¡¢µç»°ºÅÂë¡¢ÐÔ±ðºÍ¹þÏ£ÃÜÂë¡£¡£¡£¡£¡£¡£»ã±¨ÖгÆÊÂÎñÔÒò¿ÉÄÜÊÇMongoDBÊý¾Ý¿â¶³ö£¬£¬£¬£¬£¬£¬£¬£¬µ«ÉÐδµÃµ½Ö¤Êµ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.infosecurity-magazine.com/news/attack-on-indian-ed-tech-firm/4¡¢PDF±à×ëÆ÷Able2Extract½¨¸´Á½¸öRCE·ì϶
˼¿ÆTalos×êÑÐÈËÔ±·¢ÏÖInvestintechµÄAble2Extract Professional¹¤¾ß´æÔÚÁ½¸öÄÚ´æ°Ü»µ·ì϶£¬£¬£¬£¬£¬£¬£¬£¬¿Éµ¼ÖÂÔÚÖ¸±êÍÆËã»úÉÏÖ´ÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£¡£Able2ExtractÊǺÏÓÃÓÚWindows¡¢MacºÍLinuxµÄ¿çƽ̨PDF±à×빤¾ß£¬£¬£¬£¬£¬£¬£¬£¬Æäרҵ°æÔÚ135¸ö¹ú¶È/µØÓòÕ¼Óг¬¹ý25ÍòÃûÓû§¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±·¢ÏÖµÄÁ½¸ö·ì϶£¨CVE-2019-5088ºÍCVE-2019-5089£©Ó°ÏìÁ˰汾14.0.7 x64£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷Õß¿Éͨ¹ýÓÕʹÓû§´ò¿ª¶ñÒâJPEG»òBMPÎļþÀ´´¥·¢·ì϶¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾ÓÚ11ÔÂ1ÈÕÔÚа汾Öн¨¸´ÁËÕâЩÎÊÌâ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/93424/hacking/able2extract-tool-flaws.html
5¡¢ÀÕË÷Èí¼þNemtyͨ¹ý½©Ê¬ÍøÂçTrik´«²¼
ÈüÃÅÌú¿Ë×êÑÐÈËÔ±¹Û²ìµ½ÀÕË÷Èí¼þNemtyÔÚÓë½©Ê¬ÍøÂçTrikºÏ×÷ÒÔÀ©´óÆäÓ°ÏìÁìÓò¡£¡£¡£¡£¡£¡£Nemty³õ´Î±»·¢ÏÖÓÚ8Ô£¬£¬£¬£¬£¬£¬£¬£¬¶øTrikÒѾӵÓÐ10ÄêµÄº¹Çà¡£¡£¡£¡£¡£¡£×êÑÐÈËÔ±³ÆNemtyÔì³ÉµÄϰȾ´óÎÞÊý¶¼ÔÚº«¹ú£¨40%£©ºÍÖйú£¨36%£©·¢ÏÖ£¬£¬£¬£¬£¬£¬£¬£¬¶øÔÚ10Ô·Ýа汾µÄTrikÖØÒªÍ¨¹ýSMBºÍ̸³¢ÊÔÏνӵ½Ö¸±êÍÆËã»úµÄ139¶Ë¿Ú£¬£¬£¬£¬£¬£¬£¬£¬¶øºó´«²¼Nemty payload¡£¡£¡£¡£¡£¡£NemtyÈ·µ±Ç°°æ±¾ÊÇ1.6£¬£¬£¬£¬£¬£¬£¬£¬¹ÌÈ»1.4ºÍ1.6¶¼ÒÑÓÐÃâ·ÑµÄ½âÃÜÆ÷£¬£¬£¬£¬£¬£¬£¬£¬µ«½âÃÜÆ÷Éв»ÄÜÔÚËùÓеÄÀ©´óÃûÉÏʹÓᣡ£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.symantec.com/blogs/threat-intelligence/nemty-ransomware-trik-botnet
6¡¢¿¨°Í˹»ù·¢ÏÖShadow BrokersÌá¼°µÄAPT
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/kaspersky-identifies-mysterious-apt-mentioned-in-2017-shadow-brokers-leak/


¾©¹«Íø°²±¸11010802024551ºÅ