¡¶Î¬ËûÃü¡·ÖðÈÕ°²È«¼òѶ20181008

°ä²¼¹¦·ò 2018-10-08
1¡¢×êÑÐÍŶӰ䲼¹ØÓÚÆóÒµµç×ÓÓʼþÚ¿Æ­£¨BEC£©Ç÷ÏòµÄ·ÖÎö»ã±¨

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

ƾ¾ÝDigital ShadowsµÄÆóÒµµç×ÓÓʼþÚ¿Æ­£¨BEC£©»ã±¨ £¬Êý°Ù¼Ò¹«Ë¾ÒòÅäÖÃÃýÎó»ò½«²ÆÕþ²¿Ãŵĵç×ÓÓʼþ/ÃÜÂëÔÚÏß¶³ö £¬µ¼Ö¸üÒ×Êܵ½BEC¹¥»÷¡£×êÑÐÍŶÓͨ¹ýÅäÖÃÃýÎóµÄ·þÎñÆ÷¹²·¢ÏÖÁ˳¬¹ý1200Íò¸öδÊܱ£»¤µÄµç×ÓÓʼþ´æµµ £¬Ô̺¬.eml¡¢.msg¡¢.pst¡¢.ostºÍ.mboxµÈ¡£Í¨¹ýËÑË÷ÕâЩ¿É¹«¿ª½Ó¼ûµÄÎļþ £¬¼´±ãÊǼ¼Êõ²¢²»¸ßÃîµÄ¹¥»÷ÕßÒ²Äܹ»ºÜÈÝÒ×µØÕÒµ½Ãô¸ÐµÄÓ×ÎÒ»ò²ÆÕþÐÅÏ¢¡£


   Ô­ÎÄÁ´½Ó£º
https://www.digitalshadows.com/about-us/news-and-press/business-email-compromise-made-easy-for-cybercriminals-as-12-5-million-company-email-inboxes-and-33000-finance-department-credentials-openly-accessible-on-the-web/


2¡¢×êÑÐÍŶӷ¢ÏÖÖØÒªÕë¶Ô¼ÓÄôóµÄ¶ñÒâÈí¼þZeroEvil

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

Blueliv Labs×êÑÐÍŶÓÔÚ9ÔÂÖÐÑ®¼ì²âµ½Ò»¸öеĶñÒâÈí¼þZeroEvil¡£ZeroEvilÓëÔ¶¿ØÄ¾ÂíARS LoaderÓµÓÐÒ»ÑùµÄ»î¶¯Ä£Ê½ £¬²¢ÇÒ¹²ÏíÁ˲¿ÃÅ´úÂëºÍÖ°ÄÜ £¬ÕâÒâζ×ÅÆä¿ª·¢ÕßÊÇͳһÈË»òͳһ×éÖ¯¡£ZeroEvilÖØÒªÓÃÓÚÕë¶Ô¼ÓÄôóÆóÒµµÄÀ¬»øÓʼþºÍ¶ñÒâ¸æ°×»î¶¯ÖÐ £¬Æä±³ºóµÄ¹¥»÷ÕßÊÇ·¸×ïÍÅ»ïAirNaine£¨±ðÃûTA545£©¡£ZeroEvil»áËÑË÷Ö¸±êÍÆËã»úÓ²ÅÌÉϵÄtext¡¢datºÍdefault_walletÎļþ £¬²¢½«Æä·¢ËÍÖÁ¹¥»÷Õß¡£


  Ô­ÎÄÁ´½Ó£º
https://news.softpedia.com/news/airnaine-uses-new-ars-rat-strain-named-zeroevil-against-canadian-businesses-523078.shtml


3¡¢Git¿ª·¢ÍŶӰ䲼°²È«¸üР£¬½¨¸´Ò»¸ö¿Éµ¼ÖÂRCEµÄ°²È«·ì϶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Git¿ª·¢ÍŶӽ¨¸´ÁËGitºÅÁîÐпͻ§¶Ë¡¢Git DesktopÒÔ¼°AtomÖеÄÒ»¸ö¿Éµ¼ÖÂÔ¶³Ì´úÂëÖ´Ðеķì϶¡£¸Ã·ì϶£¨CVE-2018-17456£©¿ÉÔÊÐí¶ñÒâ´úÂë²Ö¿âÔÚÖ¸±êϵͳÉÏÖ´ÐÐËÁÒâ´úÂë¡£¸Ã·ì϶Óë¶ñÒâ´úÂë²Ö¿âÖеÄ.gitmodulesÎļþÓйØ £¬µ±Ê¹ÓúÅÁî--recurse-submodules¿Ë¡´úÂë²Ö¿âʱ £¬½«»áµ¼Ö´úÂëÖ´ÐС£¸Ã·ì϶ÒÑÔÚGit v2.19.1¡¢GitHub Desktop 1.4.2ºÍAtom 1.31.2Öн¨¸´ £¬½¨ÒéÓû§¾¡¿ì¸üÐÂÖÁ×îа汾¡£


  Ô­ÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/git-project-patches-remote-code-execution-vulnerability-in-git/


4¡¢×êÑÐÍŶӷ¢ÏÖ½ü200¸ö¼Ù×°³ÉÓ¢¹úÐÂÎÅÍøÕ¾µÄ¶ñÒâÓòÃû

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

DomainTools·¢ÏÖ197¸ö¸ß·çÏյĶñÒâÓòÃû £¬ÕâЩÓòÃû¼Ù×°³ÉBBC News¡¢Sky NewsºÍITV NewsµÅ×¢¹úÐÂÎÅÍøÕ¾ £¬ÓÃÓÚºýŪÓû§½Ó¼û¸æ°×¡¢ÍøÂçÓû§ÐÅÏ¢ÉõÖÁÏÂÔØ¶ñÒâÈí¼þµÈ £¬»òÕßÊÇÓÃÓÚ´«²¼ÐéαÐÂÎÅ¡£ÕâЩÓòÃûÔ̺¬bbcnew[.]info¡¢theguarsian[.]com¡¢synews[.]coºÍifvnews[.]cnµÈ £¬Æä·çÏÕÆÀ·Ö¶¼³¬¹ý70·Ö¡£½¨ÒéÓû§ÔÚ½Ó¼ûÕâЩÐÂÎÅÍøÕ¾Ê±×Ðϸ²é³­ÆäURL¡£


  Ô­ÎÄÁ´½Ó£º
https://www.infosecurity-magazine.com/news/fake-news-domains-spoof-uk-news/


5¡¢North American Risk Services¹«Ë¾ÔâºÚ¿ÍÈëÇÖ £¬²¿Ãſͻ§µÄÐÅϢй¶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

±±ÃÀ·çÏÕ·þÎñ¹«Ë¾£¨NARS£©ÔÚ2ÔÂ7ÈÕÖÁ3ÔÂ27ÈÕÆÚ¼äÔâµ½ºÚ¿ÍÈëÇÖ £¬Î´¾­ÊÚȨµÄ¹¥»÷Õß½Ó¼ûÁ˹«Ë¾µÄ²¿Ãŵç×ÓÓʼþ £¬Ô¼610Ãû¿Í»§µÄÓ×ÎÒÐÅϢй¶¡£Ð¹Â¶µÄÐÅÏ¢Ô̺¬ÐÕÃû¡¢Éç±£ºÅÂë¡¢¼ÝÕÕID¡¢ÒøÐÐÕË»§ÐÅÏ¢¡¢Ò½ÁÆÐÅÏ¢¡¢½¡È«±£ÏÕÐÅÏ¢¡¢ÄÉ˰È˼ø±ðºÅÒÔ¼°Óû§Ãû/ÃÜÂëµÈ¡£ÊÜÓ°ÏìµÄ¿Í»§¶¼Î»ÓÚ¼ÓÖÝ £¬¸Ã¹«Ë¾ÔÚÏòÕâЩ¿Í»§·¢ËÍÓйØÍ¨Öª¡£


  Ô­ÎÄÁ´½Ó£º
https://news.softpedia.com/news/hundreds-of-california-residents-affected-by-north-american-risk-services-breach-523086.shtml


6¡¢°µÍøÊг¡Ë¿³ñ֮·µÄÖÎÀíÔ±ÈÏ×ï £¬¿ÉÄÜÃæ¶Ô³¤´ï20ÄêµÄÐÌÆÚ

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿

³ôÃûÔ¶ÑïµÄ°µÍøÊг¡Ë¿³ñ֮·µÄÖÎÀíÔ±Gary DavisÓÚÉÏÖÜÎåÈÏ×ï £¬Æä½«Ãæ¶Ô×î¸ß¿É´ï20ÄêµÄçÐç¥Ö®ÔÖ¡£DavisÊǰ®¶ûÀ¼ÈË £¬ÆäÔÚ2013ÄêΪ˿³ñ֮·µÄ¿Í»§Ìṩ·þÎñºÍÖ§³Ö £¬²¢ÇÒÿÖܶ¼ÊÕµ½¹¤×Ê¡£ËûÔ®ÊÖÖÎÀíË¿³ñ֮·Êг¡ £¬²¢Îª¶¾Æ·ÂòÂôµÄÕùÒéµ£ÈÎÖٲá£DavisÓÚ2014Äê1ÔÂÔÚ°®¶ûÀ¼±»²¶ £¬Ëæºó±»Òý¶ÉÖÁÃÀ¹ú¡£¾ÝFBI³Æ £¬2011Äê2ÔÂÖÁ2013Äê7Ô £¬Ë¿³ñ֮·µÄÂòÂô×ܶî´ï12ÒÚÃÀÔª¡£


  Ô­ÎÄÁ´½Ó£º
https://thehackernews.com/2018/10/silkroad-admin-gary-davis.html


ÉêÃ÷£º±¾×ÊѶÓÉ28ȦάËûÃü°²È«Ó××é·­ÒëºÍÕû¶Ù