Evernote Chrome²å¼þXSS·ì϶ £¬²¨¼°Ô¼460ÍòÓû§£»WAGO¹¤Òµ»¥»»»úÓ²±àÂëºóÃÅÕË»§£»ºÚ¿ÍÍÅ»ïOutlaw»Ø¹é

°ä²¼¹¦·ò 2019-06-14

1¡¢Evernote Chrome²å¼þXSS·ì϶ £¬²¨¼°Ô¼460ÍòÓû§

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
°²È«³§ÉÌGuardio·¢ÏÖEvernoteµÄChrome²å¼þ£¨Evernote Web Clipper£©ÖдæÔÚÒ»¸öÑϳÁµÄXSS·ì϶ £¬¿ÉÔÊÐí¹¥»÷Õß½Ó¼ûÓû§ÔÚµÚÈý·½·þÎñÖеÄÃô¸ÐÐÅÏ¢ ¡£ÓÉÓÚEvernote¹ãÊÜÓ­½Ó £¬¸Ã·ì϶¿ÉÄܲ¨¼°Ô¼460ÍòÓû§ ¡£¸Ã·ì϶£¨CVE-2019-12592£©ÊôÓÚ²å¼þÖеıàÂëÂß¼­ÃýÎó £¬¿ÉÈÆ¹ýä¯ÀÀÆ÷µÄͬԴսÊõ £¬Ê¹µÃ¹¥»÷Õß½Ó¼ûµÚÈý·½·þÎñµÄÃô¸ÐÓû§ÐÅÏ¢ £¬Ô̺¬Éí·ÝÑéÖ¤ÐÅÏ¢¡¢²ÆÕþÐÅÏ¢¡¢É罻ýÌå̸ÌìÐÅÏ¢¡¢µç×ÓÓʼþÐÅÏ¢µÈ ¡£½¨ÒéÓû§¸üÐÂÖÁ7.11.1¼°¸ü¸ß°æ±¾ ¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/critical-flaw-in-evernote-add-on-exposed-sensitive-data-of-millions/

2¡¢Ë¼¿Æ°ä²¼IOS XEÈí¼þ¸üР£¬½¨¸´Web UIÖеÄCSRF·ì϶

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
Cisco IOS XEÈí¼þWeb UIÖеķì϶£¨CVE-2019-1904£©¿ÉÔÊÐíδ¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß½øÐпçÕ¾ÒªÇóαÔ죨CSRF£©¹¥»÷ ¡£¸Ã·ì϶ԴÓÚÊÜÓ°ÏìÉ豸ÉϵÄWeb UIµÄCSRF±£»¤²»¼° £¬¹¥»÷Õß¿Éͨ¹ýºýŪÓû§½Ó¼û¶ñÒâÁ´½ÓÀ´ÀûÓô˷ì϶ £¬³É¹¦ÀûÓô˷ì϶¿ÉÔÊÐí¹¥»÷ÕßÒÔÓû§µÄȨÏÞ¼¶±ðÖ´ÐÐËÁÒâ²Ù×÷ ¡£ÈôÊÇÓû§ÓµÓÐÖÎÀíȨÏÞ £¬Ôò¹¥»÷ÕßÄܹ»¸ü¸ÄÅäÖá¢Ö´ÐкÅÁî»ò³ÁмÓÔØÊÜÓ°ÏìµÄÉ豸 ¡£¸Ã·ì϶µÄCVSSÆÀ·ÖΪ8.8·Ö £¬½¨ÒéÓû§¾¡¿ì×°Öý¨¸´²¹¶¡ ¡£

Ô­ÎÄÁ´½Ó£ºhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190612-iosxe-csrf

3¡¢WAGO¹¤Òµ»¥»»»ú¶à¸ö·ì϶ £¬Ô̺¬Ó²±àÂëµÄºóÃÅÕË»§

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
SEC Consult×êÑÐÈËÔ±·¢Ïֵ¹úWAGO¹«Ë¾Ôì×÷µÄ¹¤Òµ»¥»»»ú´æÔÚ¶à¸ö·ì϶ ¡£ÕâЩ·ì϶ӰÏìÁËWAGO 852-303¡¢852-1305ºÍ852-1505ϵÁл¥»»»ú £¬¸Ã¹«Ë¾ÒѱðÀë°ä²¼¹Ì¼þ°æ±¾1.2.2.S0¡¢1.1.6.S0ºÍ1.1.5.S0½øÐÐÁ˽¨¸´ ¡£ÆäÖÐ×îÑϳÁµÄ·ì϶ÊÇÓ²±àÂëºóÃÅÕË»§·ì϶£¨CVE-2019-12550£© £¬Ò»¸öÓµÓÐrootȨÏÞµÄĬÈÏÕË»§µÄÍ´´¦´æ´¢ÔÚÎļþÖÐ £¬²¢ÇÒÓµÓÐÈõÃÜÂë £¬¹¥»÷Õß¿ÉÀûÓøÃÕË»§Í¨¹ýTelnet»òSSHÏνӵ½ÊÜÓ°ÏìµÄ»¥»»»ú ¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.securityweek.com/critical-vulnerabilities-found-wago-industrial-switches

4¡¢EviteÈ·ÈϽü1000Íò¿Í»§Êý¾Ý±»µÁ £¬ÒÑÔÚ°µÍøÏúÊÛ

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
µç×ÓÔ¼Ç뺯ƽ̨EviteÈ·ÈÏÔÚ2019Äê2ÔÂ22ÈÕÔâºÚ¿ÍÈëÇÖ £¬½ü1000ÍòÓû§Êý¾Ýй¶²¢ÔÚ°µÍøÊг¡ÉÏÏúÊÛ ¡£Evite°µÊ¾Î´¾­ÊÚȨµÄµÚÈý·½»ñµÃÁËÒ»¸ö·Ç»î¶¯Êý¾Ý´æ´¢ÎļþµÄ½Ó¼ûȨÏÞ £¬¸Ã´æ´¢ÎļþÔ̺¬2013Äê֮ǰµÄEviteÓû§ÕË»§ÐÅÏ¢ £¬ÀýÈçÐÕÃû¡¢Óû§Ãû¡¢µç×ÓÓʼþµØÖ·¡¢ÃÜÂë¡¢µ®ÉúÈÕÆÚºÍµç»°ºÅÂë £¬µ«²»Ô̺¬²ÆÕþÐÅÏ¢ºÍÉç»á°²È«ºÅÂë ¡£ÕâЩÊý¾Ý±»³ôÃûÔ¶ÑïµÄºÚ¿ÍGnosticplayersÔÚ°µÍøÊг¡Dream MarketÉÏÏúÊÛ ¡£

Ô­ÎÄÁ´½Ó£ºhttps://cyware.com/news/evite-confirms-that-its-customer-data-was-stolen-and-put-up-for-sale-in-the-dark-web-998a1462

5¡¢ºÚ¿ÍÍÅ»ïOutlaw»Ø¹é £¬ÀûÓý©Ê¬ÍøÂç·Ö·¢PerlºóÃźÍMonero¿ó¹¤

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
Ç÷Ïò¿Æ¼¼·¢ÏÖºÚ¿Í×éÖ¯Outlaw¾íÍÁ³ÁÀ´ £¬ÀûÓý©Ê¬ÍøÂç·Ö·¢ÃÅÂÞ±Ò¿ó¹¤ ¡£¸Ã¹¥»÷»î¶¯ÖØÒªÕë¶ÔÖйú £¬Æä·Ö·¢µÄ¶ñÒâ¿ó¹¤°ó¸¿ÁËÒ»¸ö»ùÓÚPerlµÄºóÃÅ×é¼þºÍÒ»¸öSSHºóÃÅ £¬ÕâÁ½¸ö×é¼þ¶¼ÓëÒÔǰµÄOutlaw¹¥»÷ÓйØ ¡£Í¨¹ý¶ÈÎöshell¾ç±¾×é¼þºÍ´¦ÓÚδִÐÐ״̬µÄÐÝÃß¶ñÒâÎļþ £¬×êÑÐÈËÔ±ÒÔΪOutlaw¹¥»÷ÈÔ´¦ÓÚ²âÊÔ½×¶Î £¬ÆäÖ÷ÕÅÊǽøÒ»²½¿ª·¢´óÐͶñÒâÈí¼þºÍ½©Ê¬ÍøÂç ¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.zdnet.com/article/outlaw-hackers-return-with-cryptocurrency-mining-bot/

6¡¢FormBookÐÂÑù±¾¼ÓÇ¿»ìºÏ¼°ÓƾÃÐÔ»úÔì £¬Í¨¹ýdropper·Ö·¢

28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿
 
Cyberbit×êÑÐÈËÔ±·¢ÏÖFormBook¶ñÒâÈí¼þµÄÐÂÑù±¾Ô̺¬ÐµÄdropper ¡£FormBookÊÇÒ»¸öä¯ÀÀÆ÷±íµ¥ÇÔÈ¡¼°¼üÅ̼ͼľÂí £¬×Ô2016ÄêÔÚºÚ¿ÍÂÛ̳ÉϳöÏÖÒÔÀ´Ò»ÏòÔÚ»ý¼«¿ª·¢ÖÐ ¡£×êÑÐÈËÔ±³Æ¸ÃÐÂÑù±¾¼ÓÇ¿ÁËÏµÍ³ÓÆ¾ÃÐԺͻìºÏ»úÔìÒÔÌӱܼì²â £¬ÐµÄdropper²»½ö»á½âѹËõ¶ñÒâÈí¼þ £¬»¹»á´´½¨Á½¸ö¶ñÒâ¹ý³Ì£ºmshta.exeºÍÁíÒ»¸ödropper £¨Rhododendrons8.exe£© ¡£×êÑÐÈËÔ±ÉÐ佫¸ÃÐÂÑù±¾ÓëÈκι¥»÷»î¶¯¹ØÁªÆðÀ´ ¡£

Ô­ÎÄÁ´½Ó£ºhttps://threatpost.com/new-formbook-dropper-harbors-persistence/145614/