¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181010

°ä²¼¹¦·ò 2018-10-10

1¡¢GoogleÐÂÕþ²ßÖ»ÔÊÐíAndroidĬÈÏÀûÓýӼûͨ»°¼Í¼ºÍ¶ÌÐÅ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ΪÁËÔ¤·ÀµÚÈý·½ÀûÓÃÀÄÓÃÓû§µÄÃô¸ÐÊý¾Ý£¬ £¬£¬£¬£¬ £¬£¬Google×ö³öÁ˼¸Ïî³ÁÒªµÄ¸ü¸Ä¡£¡£¡£¡£¡£¡£¡£¡£GoogleÔÚGoogle PlayµÄ¿ª·¢ÕßÕþ²ßÖÐвÎÓëÁËÒ»ÌõÎÄÔò£¬ £¬£¬£¬£¬ £¬£¬¸Ã¹æ¶¨´Ë¿Ì½öÔÊÐíAndroidµÄĬÈÏÀûÓýӼûÓû§µÄͨ»°¼Í¼ºÍ¶ÌÐÅ¡£¡£¡£¡£¡£¡£¡£¡£Google»¹ÏÞ¶ÈÁ˶ÔGmail APIµÄ½Ó¼û£¬ £¬£¬£¬£¬ £¬£¬´Ë¿ÌÖ»ÓÐÖ±½Ó¼ÓÇ¿µç×ÓÓʼþÖ°ÄܵÄÀûÓã¨ÈçÓʼþ¿Í»§¶Ë¡¢Óʼþ±¸·Ý·þÎñµÈ£©ÄÜÁ¦¹»½Ó¼û¸ÃAPI¡£¡£¡£¡£¡£¡£¡£¡£Google»¹¸üÐÂÁËÆäÕË»§È¨ÏÞϵͳ£¬ £¬£¬£¬£¬ £¬£¬´Ë¿ÌµÚÈý·½ÀûÓÃÔÚÉêÇë½Ó¼ûGoogleÕË»§Êý¾Ýʱ£¬ £¬£¬£¬£¬ £¬£¬ÏµÍ³»áÕë¶Ôÿһ¸öȨÏÞµ¥¶À½øÐÐÉêÇë¡£¡£¡£¡£¡£¡£¡£¡ £¿£¿£¿£¿£¿£¿£¿ª·¢Õß½«ÓÐ90ÌìµÄ¹¦·òÀ´¸üÐÂÆäÀûÓúͷþÎñ¡£¡£¡£¡£¡£¡£¡£¡£


   Ô­ÎÄÁ´½Ó£º
https://thehackernews.com/2018/10/android-app-privacy.html

2¡¢½ðÑÅÍØµÄ»ã±¨Åú×¢2018ÉϰëÄêÈ«Çò¹²²úÉú945ÆðÊý¾Ýй¶ÊÂÎñ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ƾ¾Ý½ðÑÅÍØµÄ×îÐÂ×êÑУ¬ £¬£¬£¬£¬ £¬£¬2018ÉϰëÄêÈ«Çò¹²²úÉú945ÆðÊý¾Ýй¶ÊÂÎñ£¬ £¬£¬£¬£¬ £¬£¬¹²ÓÐ45ÒÚÌõÊý¾Ý¼Í¼Ô⵽й¶¡£¡£¡£¡£¡£¡£¡£¡£Óë2017ÄêͬÆÚÏà±È£¬ £¬£¬£¬£¬ £¬£¬ÃÔʧ¡¢±»ÇÔÒÔ¼°Ð¹Â¶µÄÊý¾ÝÔö³¤ÁË133%¡£¡£¡£¡£¡£¡£¡£¡£Ö»¹ÜÊý¾Ýй¶ÊÂÎñµÄÊýÁ¿ÂÔÓнµÂ䣬 £¬£¬£¬£¬ £¬£¬µ«ÊÂÎñµÄÑϳÁ³Ì¶Å×ÐËùÔö³¤¡£¡£¡£¡£¡£¡£¡£¡£ÆäÖÐ6ÆðÉ罻ýÌåÊý¾Ýй¶ÊÂÎñµ¼ÖÂÁ˳¬¹ý56%µÄÊý¾Ýй¶¡£¡£¡£¡£¡£¡£¡£¡£Êý¾Ýй¶µÄ×î³£¼ûÔ­ÒòÊÇ±í²¿³É·Ö£¨Õ¼56%£©¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.helpnetsecurity.com/2018/10/09/data-breaches-2018/

3¡¢Î¢Èí°ä²¼10Ô°²È«¸üУ¬ £¬£¬£¬£¬ £¬£¬¹²½¨¸´49¸ö°²È«·ì϶


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


΢Èí°ä²¼10Ô°²È«¸üУ¬ £¬£¬£¬£¬ £¬£¬¹²½¨¸´Windows¡¢Edge¡¢IEµÈ¶à¿î²úÆ·ÖеÄ49¸ö·ì϶£¬ £¬£¬£¬£¬ £¬£¬ÆäÖÐÔ̺¬12¸ö¸ßΣ·ì϶¡£¡£¡£¡£¡£¡£¡£¡£½ÏΪÑϳÁµÄ·ì϶Ô̺¬WindowsÖеÄÌáȨ·ì϶£¨CVE-2018-8453£©¡¢MSXML½âÎöÆ÷×é¼þÖеÄÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2018-8494£©¡¢JetÊý¾Ý¿âÒýÇæÖеÄÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2018-8423£©¡¢WindowsÄÚºËÖеÄÌáȨ·ì϶£¨CVE-2018-8497£©ÒÔ¼°Azure IoT Hub SDKÖеÄÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2018-8531£©¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2018/10/microsoft-windows-update.html

4¡¢Apple°ä²¼ÐÂÒ»ÂÖiOSºÍiCloud°²È«¸üУ¬ £¬£¬£¬£¬ £¬£¬½¨¸´¶à¸ö·ì϶


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Apple°ä²¼Õë¶ÔiOSºÍiCloudµÄÐÂÒ»ÂÖ°²È«¸üУ¬ £¬£¬£¬£¬ £¬£¬½¨¸´¶à¸ö°²È«·ì϶¡£¡£¡£¡£¡£¡£¡£¡£ÆäÖÐÔÚiOS 12.0.1Öн¨¸´ÁËÁ½¸öÃÜÂëÈÆ¹ý·ì϶£¨CVE-2018-4380ºÍCVE-2018-4379£©¡£¡£¡£¡£¡£¡£¡£¡£°²È«×êÑÐÈËÔ±Jose Rodriguez·¢ÏÖÁËÕâÁ½¸ö·ì϶£¬ £¬£¬£¬£¬ £¬£¬²¢°ä²¼ÁËÓйطì϶ÀûÓÃÊÓÆµ¡£¡£¡£¡£¡£¡£¡£¡£Apple»¹ÔÚiCloud for Windows 7.7.12Öн¨¸´ÁË19¸ö·ì϶£¬ £¬£¬£¬£¬ £¬£¬ÆäÖÐÔ̺¬13¸ö¸ßΣµÄËÁÒâ´úÂëÖ´Ðзì϶¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/apple-releases-security-updates-for-ios-and-icloud-fixes-passcode-bypass/

5¡¢Annapolis LibraryÔâÒøÐÐľÂíEmotetϰȾ£¬ £¬£¬£¬£¬ £¬£¬½ü5000Óû§ÊÜÓ°Ïì


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


ÃÀ¹úÂíÀïÀ¼Öݰ²Äɲ¨Àû˹ÊеÄÒ»¸ö¹«¹²Í¼Êé¹ÝÔâÒøÐÐľÂíEmotetϰȾ£¬ £¬£¬£¬£¬ £¬£¬Ô¼5000ÃûÓû§¿ÉÄÜÊܵ½Ó°Ïì¡£¡£¡£¡£¡£¡£¡£¡£Emotet»áÇÔÈ¡Óû§µÄµÇ¼ʹ´¦¡¢Ó×ÎÒÉí·ÝÐÅÏ¢£¨PII£©ÒÔ¼°ÐÅÓþ¿¨ÐÅÏ¢µÈ£¬ £¬£¬£¬£¬ £¬£¬¹ÌÈ»¸ÃͼÊé¹Ý°µÊ¾Ã»Óпͻ§ÐÅϢй¶£¬ £¬£¬£¬£¬ £¬£¬µ«ÔÚ9ÔÂ17ÈÕÖÁ10ÔÂ4ÈÕÆÚ¼äʹÓÃÁ˸ÃͼÊé¹ÝµÄ¹«¹²ÍÆËã»úµÄ¿Í»§Ó¦¸Ã¾¯ÌèÆäÐÅÓþ¿¨ºÍÒøÐÐÕË»§ÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://news.softpedia.com/news/annapolis-library-computers-infected-with-emotet-almost-5k-customers-affected-523119.shtml

6¡¢×êÑÐÈËÔ±·¢ÏÖÈëÇÖMikroTik·ÓÉÆ÷µÄй¥»÷¼¼Êõ


8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website


Tenable ResearchµÄ×êÑÐÈËÔ±·¢ÏÖÈëÇÖMikroTik·ÓÉÆ÷µÄй¥»÷¼¼Êõ£¬ £¬£¬£¬£¬ £¬£¬Ê¹µÃÒ»¸öÒÑÖªµÄ·ì϶±äµÃ±ÈÒÔǰÒÔΪµÄÔ½·¢Î£ÏÕ¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·ì϶£¨CVE-2018-14847£©Ó°ÏìWinbox×é¼þ£¬ £¬£¬£¬£¬ £¬£¬×êÑÐÈËÔ±·¢Ïָ÷ì϶ÔÊÐí¹¥»÷ÕßÔÚÊÜÓ°ÏìµÄÉ豸ÉÏÔ¶³ÌÖ´ÐдúÂë²¢»ñµÃroot shell¡£¡£¡£¡£¡£¡£¡£¡£»£»£» £»£» £»£»»¾ä»°Ëµ£¬ £¬£¬£¬£¬ £¬£¬ÐµĹ¥»÷¼¼ÊõʹµÃδ¾­ÊÚȨµÄ¹¥»÷ÕßÄܹ»ÈëÇÖRouterOS£¬ £¬£¬£¬£¬ £¬£¬²¿Êð¶ñÒâÈí¼þ»òÈÆ¹ý·ÓÉÆ÷µÄ·À»ðǽ¡£¡£¡£¡£¡£¡£¡£¡£¸Ã·ì϶ÒÑÓÚ2018Äê4Ô±»½¨¸´¡£¡£¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/76940/hacking/mikrotik-routers-attack-poc.html

ÉêÃ÷£º±¾×ÊѶÓÉ8827Ì«Ñô¼¯ÍÅάËûÃü°²È«Ó××é·­ÒëºÍÕû¶Ù