¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20180731

°ä²¼¹¦·ò 2018-07-31

¡¾Êý¾Ýй¶¡¿Ó¢¹úµç×ÓÉÌÎñ·þÎñÉÌÊý¾Ý¿âй¶ £¬Ô¼140ÍòÓû§ÊÜÓ°Ïì


×êÑÐÈËÔ±Taylor Ralston·¢ÏÖÓ¢¹úµç×ÓÉÌÎñ·þÎñÉÌFashion NexusµÄÒ»¸öÊý¾Ý¿â¿É¹«¿ª½Ó¼û £¬¶à¸ö·þ×°ºÍÅäÊÎÍøÕ¾µÄÓû§ÐÅϢй¶ £¬Ô̺¬Jaded London¡¢AX ParisºÍElle Belle AttireµÈÆ·ÅÆ¡£Ð¹Â¶µÄÊý¾ÝÔ̺¬Ô¼140ÍòÓû§µÄÓ×ÎÒÐÅÏ¢ £¬Ô̺¬MD5¹þÏ£ÃÜÂë¡¢ÐÕÃû¡¢µç×ÓÓʼþµØÖ·ºÍµç»°ºÅÂëµÈ¡£Ã»Óм£ÏóÅú×¢Óû§µÄÒøÐп¨ÐÅÏ¢´æÔÚ·çÏÕ¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://www.grahamcluley.com/online-fashion-shoppers-exposed-ecommerce-breach/


¡¾Êý¾Ýй¶¡¿Boys Town¹ú¶È×êÑÐÒ½ÔºÔâºÚ¿ÍÈëÇÖ £¬³¬¹ý10ÍòÃû»¼ÕߺÍÔ±¹¤µÄÐÅϢй¶


Boys Town¹ú¶È×êÑÐÒ½Ôº°ä²¼Í¨Öª³Æ¸Ã×éÖ¯ÓÚ2018Äê5ÔÂ23ÈÕÔâºÚ¿ÍÈëÇÖ £¬³¬¹ý10ÍòÃû»¼ÕߺÍÔ±¹¤µÄÐÅϢй¶¡£Õâ¿ÉÄÜÊÇÓйضùͯҽÁÆ·þÎñµÄ×î´ó¹æÄ£µÄÊý¾Ýй¶¡£Ð¹Â¶µÄÐÅÏ¢Ô̺¬ÐÕÃû¡¢µ®ÉúÈÕÆÚ¡¢Éç±£ºÅÂë¡¢Õï¶Ï»òÒ½ÖÎÐÅÏ¢¡¢ÒøÐÐÕ˺š¢Óû§ÃûºÍÃÜÂëµÈÐÅÏ¢¡£¹¥»÷ÕßÈëÇÖÁ˸Ã×éÖ¯Ô±¹¤µÄµç×ÓÓʼþÕÊ»§ £¬²¢Í¨¹ýδÊÚȨ½Ó¼û»ñÈ¡ÁËÕâЩÐÅÏ¢¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://thehackernews.com/2018/07/data-breach-healthcare.html


¡¾¹¥»÷ÊÂÎñ¡¿KickICOƽ̨ÔâºÚ¿ÍÈëÇÖ £¬¼ÛÖµÔ¼770ÍòÃÀÔªµÄÁîÅÆ±»ÇÔ


ICOƽ̨KickICOÔâµ½ºÚ¿ÍÈëÇÖ £¬³¬¹ý7000ÍòKICKÁîÅÆ±»ÇÔ£¨¼ÛÖµÔ¼770ÍòÃÀÔª£©¡£Æ¾¾ÝKickICOÊ×ϯִÐйÙAnti DanilevskiµÄ˵·¨ £¬¸Ã¹¥»÷ÊÂÎñ²úÉúÔÚ7ÔÂ26ÈÕÐÇÆÚËĵÄUTC¹¦·ò09:04¡£¹¥»÷Õß»ñÈ¡ÁË¿ª·¢ÈËÔ±µÄ˽Կ £¬²¢Åú¸ÄÖÇÄܺÏÔ¼µÄÐÐΪ £¬·ÛËéÁË40¸öµØÖ·ÖеÄKICKÁîÅÆ¶øºóÔÚ40¸ö×Ô¼ºµÄÇ®°üÖд´½¨µÈÁ¿µÄÐÂÁîÅÆ¡£KickICO¿ª·¢ÈËԱĿǰÒѳÁлñµÃÖÇÄܺÏÔ¼µÄ½Ó¼ûȨ¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/kickico-platform-loses-77-million-in-recent-hack/


¡¾¶ñÒâÈí¼þ¡¿×êÑÐÍŶÓÔÚGoogle PlayÖз¢ÏÖ145¸öϰȾ¶ñÒâÈí¼þµÄapp


Palo Alto NetworksµÄUnit 42×êÑÐÍŶÓÔÚGoogle PlayÖз¢ÏÖ145¸öappϰȾ¶ñÒâµÄWindows¿ÉÖ´ÐÐÎļþ¡£´óÎÞÊýÊÜϰȾµÄappÔÚ2017Äê10ÔÂÖÁ11ÔÂÖ®¼ä°ä²¼µ½Google Play £¬Óм¸¸öappµÄ×°ÖôÎÊý³¬¹ý1000´Î²¢ÇÒ»ñµÃÁË4ÐÇÆÀ¼¶¡£ÖµÍ×ÌùÐĵÄÊÇ £¬ÊÜϰȾµÄapkÎļþ²»»á¶ÔAndroidÉ豸×é³ÉÈκÎÍþв £¬ÓÉÓÚÕâЩ¶ñÒâPEÎļþÖ»ÄÜÔÚWindowsÉÏÔËÐС£ÕâÅú×¢appµÄ¿ª·¢ÈËÔ±Êܵ½Á˶ñÒâÈí¼þµÄϰȾ £¬Õâ¿ÉÄܱ»ÓÃÀ´ÌáÒ鹩¸øÁ´¹¥»÷¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://researchcenter.paloaltonetworks.com/2018/07/unit42-hidden-devil-development-life-cycle-google-play-apps-infected-windows-executable-files/


¡¾°²È«²¥±¨¡¿Æ¾¾Ý×îеÄ×êÑг¬¹ýÒ»°ëµÄÃÀ¹úµ±¾Ö»ú¹¹ÒÑÆëȫִÐÐDMARC³ß¶È


ƾ¾ÝAgariµÄ×êÑÐ £¬³¬¹ýÒ»°ëµÄÃÀ¹úµ±¾Ö»ú¹¹ÒÑÆëȫִÐÐDMARCµç×ÓÓʼþ°²È«³ß¶È¡£ÃÀDHSÔÚ2017ÄêÊ®ÔÂÖÐÑ®°ä²¼ÁËBOD 18-01 £¬ÒªÇóËùÓÐÁª¹ú»ú½á¹¹¶©´òËã²¢Ö´ÐÐÍøÒ³ºÍµç×ÓÓʼþ°²È«¼¼Êõ £¬ÈçHTTPS¡¢STARTTLSºÍDMARC¡£AgariÒ»ÏòÔÚ¼à¿Ø1000¶à¸öµ±¾ÖÓòÃû £¬ÒÔ¼ì²âÆä״̬¡£½ØÖÁ2018Äê7ÔÂ15ÈÕ £¬922¸öµ±¾ÖÓòÃû£¨Õ¼×ÜÊýµÄ81%£©ÒÑÆôÓÃÁËDMARC £¬Ô¼600¸öÓòÃû£¨Õ¼52%£©ÒÑÔì¶©ÁËrejectÕ½Êõ¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.securityweek.com/dmarc-fully-implemented-half-us-government-agencies


¡¾Íþвµý±¨¡¿ÃÀ¹úµ±¾Ö°ä²¼ÖҸ棺¾¯ÌèÕë¶ÔÆóÒµµÄ¹ú¶È¼¶¹©¸øÁ´¹¥»÷


ÃÀ¹úµ±¾ÖÖÒ¸æÕë¶ÔÆóÒµµÄ¹ú¶È¼¶¹©¸øÁ´¹¥»÷¡£Æ¾¾ÝÃÀNCSCµÄ»ã±¨ £¬Ëæ×ÅÈËΪÖÇÄܺÍÎïÁªÍøµÈм¼ÊõÔÚÍøÂçÖÐÒýÈëеķì϶ £¬ÍøÂ簲ȫÉçÇø²¢Ã»ÓÐ×öºÃÓ¦¶ÔµÄ³ï±¸ £¬Èí¼þ¹©¸øÁ´¹¥»÷½«³ÉΪ×î´óµÄÐÂÐËÍþв֮һ¡£NCSC³Æ2017ÄêÊÇÒ»¸ö·ÖË®Áë £¬ÓÉÓÚÔÚÕâÒ»Äê²úÉúÁË7Æð³Á´óµÄ¹©¸øÁ´¹¥»÷ÊÂÎñ £¬¶øÔÚ֮ǰµÄÈýÄêÖ»²úÉúÁË4Æð¡£

 

Ô­ÎÄÁ´½Ó£ºhttps://www.infosecurity-magazine.com/news/us-warns-of-supply-chain-attacks/