×êÑÐÍŶӳÆ1.28ÒÚiOSÓû§ÒÑϰȾ¶ñÒâÈí¼þXcodeGhost£»£»£»£»£»TorÍøÂçÐÂÔöÊýǧ¸ö¶ñÒâ½Ó¿Ú£¬£¬ £¬ £¬£¬£¬£¬£¬¼àÌý¼ÓÃÜÇ®±ÒÓйصÄÁ÷Á¿

°ä²¼¹¦·ò 2021-05-11

1.×êÑÐÍŶӳÆ1.28ÒÚiOSÓû§ÒÑϰȾ¶ñÒâÈí¼þXcodeGhost


1.jpg


×êÑÐÍŶӳÆ£¬£¬ £¬ £¬£¬£¬£¬£¬ÔÚ×î½üµÄ¶ñÒâÈí¼þ¹¥»÷ÖУ¬£¬ £¬ £¬£¬£¬£¬£¬³¬¹ý1.28ÒÚiOSÓû§³ÉΪ¹¥»÷Ö¸±ê¡£¡£¡£¡£¡£¡£¡£¡£¹¥»÷ÕßÔÚÕâ´Î»î¶¯ÖÐʹÓÃÁËXcodeGhost£¬£¬ £¬ £¬£¬£¬£¬£¬¸Ã¶ñÒâÈí¼þÓÚ2015Äê³õ´Î³öÏÖ¡£¡£¡£¡£¡£¡£¡£¡£AppleÖÒ¸æ³Æ£¬£¬ £¬ £¬£¬£¬£¬£¬Ô¼Äª2500¸öÀûÓÃϰȾÁ˶ñÒâXcode´úÂë¡£¡£¡£¡£¡£¡£¡£¡£¾Ý±¨Â·£¬£¬ £¬ £¬£¬£¬£¬£¬ÆäÖÐÔ¼55%µÄÓû§ÊÇÖйúÈË£¬£¬ £¬ £¬£¬£¬£¬£¬¶ø66%µÄÏÂÔØÁ¿ÓëÖйúÓйØ¡£¡£¡£¡£¡£¡£¡£¡£³ö¸ñÊÇ£¬£¬ £¬ £¬£¬£¬£¬£¬Ò»Ð©¹ãÊÜ»¶Ó­µÄÀûÓÃÒ²ÒÑϰȾÁ˸öñÒâÈí¼þ£¬£¬ £¬ £¬£¬£¬£¬£¬Ô̺¬ÓÎÏ·¡°ÄÕÅ­µÄÓ×Äñ2¡±¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.ehackingnews.com/2021/05/xcodeghost-malware-infected-around-128m.html


2.TorÍøÂçÐÂÔöÊýǧ¸ö¶ñÒâ½Ó¿Ú£¬£¬ £¬ £¬£¬£¬£¬£¬¼àÌý¼ÓÃÜÇ®±ÒÓйصÄÁ÷Á¿


2.jpg


The Record³Æ£¬£¬ £¬ £¬£¬£¬£¬£¬×Ô2020ÄêÒÔÀ´TorÍøÂçÐÂÔöÊýǧ¸ö¶ñÒâ½Ó¿Ú£¬£¬ £¬ £¬£¬£¬£¬£¬¼àÌý¼ÓÃÜÇ®±ÒÓйØÍøÕ¾µÄÁ÷Á¿¡£¡£¡£¡£¡£¡£¡£¡£ÔÚÕë¶ÔTorÍøÂçµÄ¹¥»÷ÖУ¬£¬ £¬ £¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÀûÓÃÆä½ÚÔìµÄÇ®°ü´úÌæºÏ·¨Ç®°üµÄµØÖ·À´½Ù³ÖÂòÂô¡£¡£¡£¡£¡£¡£¡£¡£´Ë±í£¬£¬ £¬ £¬£¬£¬£¬£¬Nusenu·¢ÏÖºÚ¿ÍÒѾ­Á½´ÎÍ»ÆÆÁËÆä×Ô2020Äê5ÔÂÒÔÀ´µÄ¼Í¼(¶ñÒâ½Ó¿Ú±ÈÀýΪ23%):2020Äê10ÔÂ30ÈÕ£¬£¬ £¬ £¬£¬£¬£¬£¬ºÚ¿ÍÍÅ»ï°Ñ³ÖÁ˳¬¹ý26%µÄtorÍøÂç½Ó¿Ú£¬£¬ £¬ £¬£¬£¬£¬£¬µ½2021Äê02ÔÂ02ÈÕ£¬£¬ £¬ £¬£¬£¬£¬£¬ÆäÒѾ­ÖÎÀíÁ˳¬¹ý27%µÄ½Ó¿Ú¡£¡£¡£¡£¡£¡£¡£¡£Ä¿Ç°£¬£¬ £¬ £¬£¬£¬£¬£¬¶ñÒâ½Ó¿Ú¾ùÒÑ´ÓTorÍøÂçÖÐÒÆ³ý¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/117749/deep-web/tor-exit-nodes-ssl-stripping.html


3.ÃÀ¹úËþ¶ûÈøÊÐÍøÂçϰȾÀÕË÷Èí¼þ£¬£¬ £¬ £¬£¬£¬£¬£¬ÊÐÕþϵͳȫÊý¹Ø¹Ø


3.jpg


ÉÏÖÜÄ©£¬£¬ £¬ £¬£¬£¬£¬£¬ÃÀ¹úËþ¶ûÈøÊеÄÍøÂçϰȾÀÕË÷Èí¼þ£¬£¬ £¬ £¬£¬£¬£¬£¬ÊÐÕþϵͳȫÊý¹Ø¹Ø¡£¡£¡£¡£¡£¡£¡£¡£Ëþ¶ûÈø£¨Tulsa£©ÊÇÃÀ¹ú¶í¿ËÀ­ºÉÂíÖݵĵڶþ´ó³ÇÊУ¬£¬ £¬ £¬£¬£¬£¬£¬È˶¡Ô¼40ÍòÈË¡£¡£¡£¡£¡£¡£¡£¡£¸ÃÊÐÊг¤³ÆÆäÔÚ·þÎñÆ÷ÉÏ·¢ÏÖÁ˶ñÒâÈí¼þ£¬£¬ £¬ £¬£¬£¬£¬£¬²¢Á¢¿Ì¹Ø¹ØÁËËùÓÐϵͳ¡£¡£¡£¡£¡£¡£¡£¡£Æä911·þÎñ»ò´¹Î£ÏìÓ¦²¢Î´Êܵ½Ó°Ï죬£¬ £¬ £¬£¬£¬£¬£¬µ«ÊÇÔÚÏßÕ˵¥Ö§¸¶ÏµÍ³¡¢¹«¹²ÊÂÎñ·þÎñ¡¢Ëþ¶ûÈøÊÐÒé»á¡¢¾¯Ô±¾ÖºÍËþ¶ûÈøµÈ311¸öÍøÕ¾ÈÔÔÚÊØ»¤ÖС£¡£¡£¡£¡£¡£¡£¡£¸ÃÊгÆÕâ´Î¹¥»÷²¢Î´Ð¹Â¶¹«ÃñµÄÐÅÏ¢£¬£¬ £¬ £¬£¬£¬£¬£¬µ«²¿ÃÅÎļþÒѾ­±»ÇÔ¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/city-of-tulsas-online-services-disrupted-in-ransomware-incident/


4.°Ä´óÀûÑǹúÁ¢´óѧÔâµ½¹¥»÷£¬£¬ £¬ £¬£¬£¬£¬£¬Ô±¹¤ºÍѧÉúµÄÐÅϢй¶


4.jpg


°Ä´óÀûÑǹúÁ¢´óѧ(ANU)½üÆÚ·¢ÏÔìäÔøÔâµ½¹¥»÷£¬£¬ £¬ £¬£¬£¬£¬£¬Ô±¹¤ºÍѧÉúµÄÐÅϢй¶¡£¡£¡£¡£¡£¡£¡£¡£ANUÓÚÁ½ÖÜǰ·¢ÏÔìäÔÚ2018Äêµ×Ôâµ½ÁËÍøÂç¹¥»÷£¬£¬ £¬ £¬£¬£¬£¬£¬±»µÁÊý¾Ý¿É×·Òäµ½19ÄêÒÔǰ£¬£¬ £¬ £¬£¬£¬£¬£¬Éæ¼°Ô±¹¤¡¢Ñ§ÉúºÍ·Ã¿Í£¬£¬ £¬ £¬£¬£¬£¬£¬Ä¿Ç°Éв»Ã÷ÏÔºÚ¿ÍÔÚANUµÄϵͳÖаµ²ØÁ˶೤¹¦·ò¡£¡£¡£¡£¡£¡£¡£¡£Õâ´Îй¶µÄÐÅÏ¢Ô̺¬ÐÕÃû¡¢µØÖ·¡¢µ®ÉúÈÕÆÚ¡¢µç»°ºÅÂë¡¢ÓʼþµØÖ·¡¢´¹Î£ÁªÏµ·½Ê½¡¢Ë°ÎñÎļþ±àºÅ¡¢¹¤×ʵ¥ÐÅÏ¢¡¢ÒøÐÐÕÊ»§¾ßÌåÐÅÏ¢¡¢»¤ÕÕ¾ßÌåÐÅÏ¢ºÍѧÊõ¼Í¼µÈ¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.databreaches.net/au-19-years-of-personal-data-was-stolen-from-anu-it-could-show-up-on-the-dark-web/


5.×êÑÐÈËÔ±ÑÝʾ¿ÉÈÆ¹ýSpectre·À»¤´ëÊ©µÄй¥»÷·½Ê½


5.jpg


×êÑÐÈËÔ±ÑÝʾÁËÒ»ÖÖÐµĹ¥»÷·½Ê½£¬£¬ £¬ £¬£¬£¬£¬£¬¿ÉÈÆ¹ýоƬÖÐÄÚÖõÄËùÓÐSpectre·À»¤´ëÊ©¡£¡£¡£¡£¡£¡£¡£¡£SpectreÓÚ2018Äê1Ô¹«¿ª£¬£¬ £¬ £¬£¬£¬£¬£¬ËüµÄÖ÷ÌâÊǰ´Ê±²àÐÅ·¹¥»÷£¬£¬ £¬ £¬£¬£¬£¬£¬ÀûÓÃÁËCPUÓ²¼þʵÏÖÖеĴ§Ä¦Ö´ÐÐÓÅ»¯²½Ö裬£¬ £¬ £¬£¬£¬£¬£¬ÓÕʹ·¨Ê½½Ó¼ûÄÚ´æÖеÄËÁÒâµØÎ»´Ó¶øÐ¹Â©ÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£¡£ÕâÖÖÐµĹ¥»÷·½Ê½Ê¹ÓÃÁË΢²Ù×÷£¨micro-ops£©»º´æ£¬£¬ £¬ £¬£¬£¬£¬£¬ÕâÊÇÄܹ»½«»úеָÁî·Ö»¯Îª¸üµ¥Ò»µÄºÅÁîµÄ×é¼þ£¬£¬ £¬ £¬£¬£¬£¬£¬¿É×÷Ϊй¶»úÃÜÐÅÏ¢µÄ¸¨ÖúÇþ·£¬£¬ £¬ £¬£¬£¬£¬£¬×Ô2011ÄêÒÔÀ´±ãÒѱ»ÄÚÖõ½»ùÓÚIntelµÄÍÆËã»úÖС£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2021/05/new-spectre-flaws-in-intel-and-amd-cpus.html


6.Alien Labs·¢ÏÖQBotÀûÓÃÏÖÓкϷ¨ÓʼþµÄ¹¥»÷»î¶¯


6.jpg


Alien LabsµÄ×êÑÐÈËÔ±·¢ÏÖÁËÐÂÒ»ÂÖµÄQBot¹¥»÷»î¶¯¡£¡£¡£¡£¡£¡£¡£¡£QBot×Ô2007ÄêÆðÍ·»îÔ¾£¬£¬ £¬ £¬£¬£¬£¬£¬×î³õÖ»ÊÇ´¦ÓÚ²ÆÕþÖ÷ÕŵÄÒøÐÐľÂí¡£¡£¡£¡£¡£¡£¡£¡£ÔÚÕâ´Î¹¥»÷ÖУ¬£¬ £¬ £¬£¬£¬£¬£¬¹¥»÷ÕßÀûÓÃÁËÖ¸±êÖ®¼äºÏ·¨µÄóÒ×ͨѶ£¬£¬ £¬ £¬£¬£¬£¬£¬²¢¶ÔÆä½øÐÐÁËÅú¸Ä£¬£¬ £¬ £¬£¬£¬£¬£¬Ê¹µÃµö¶üÓʼþ¿´ÉÏÈ¥¸üÓÐ˵·þÁ¦¡£¡£¡£¡£¡£¡£¡£¡£´Ë±í£¬£¬ £¬ £¬£¬£¬£¬£¬ÎªÁËÔö³¤¼ì²âºÍ·ÖÎöµÄÄѶÈ£¬£¬ £¬ £¬£¬£¬£¬£¬QBot»á¶ÔÆä×Ö·û´®½øÐмÓÃܲ¢ÔÚÔËÐÐʱ¶ÔÆä½øÐнâÃÜ£¬£¬ £¬ £¬£¬£¬£¬£¬Ò»µ©QBotµÄÖ´ÐÐÂß¼­Ê¹ÓÃÍê×Ö·û´®£¬£¬ £¬ £¬£¬£¬£¬£¬Ëü½«Á¢¼´´ÓÄÚ´æÖÐɾ³ý¸Ã×Ö·û´®¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.ehackingnews.com/2021/05/qakbot-malware-is-targeting-users-via.html