Boyd GamingÔâÍøÂç¹¥»÷ÖÂÔ±¹¤Êý¾Ýй¶

°ä²¼¹¦·ò 2025-09-25

1. Boyd GamingÔâÍøÂç¹¥»÷ÖÂÔ±¹¤Êý¾Ýй¶


9ÔÂ23ÈÕ £¬ÃÀ¹úÉÏÊв©²ÊÓéÀÖ¹«Ë¾Boyd Gaming Corporation½üÈÕÅû¶Ôâ·êÍøÂç¹¥»÷ £¬ÍþвÐÐΪÕßÈëÇÔìäϵͳ²¢ÇÔÈ¡ÁËÔ̺¬Ô±¹¤ÐÅÏ¢¼°ÉÙÊýÆäËûÓ×ÎÒÊý¾ÝµÄÄÚÈÝ¡£¸Ã¹«Ë¾×ܲ¿Î»ÓÚÄÚ»ª´ïÖÝ £¬ÔÚÈ«ÃÀÊ®¸öÖÝÔËÓª28´¦²©²Ê×ʲú £¬²¢ÖÎÀí¼ÓÖݱ±²¿Ò»¼Ò²¿Âä¶Ä³¡ £¬Õ¼Óг¬¹ý16,000ÃûÔ±¹¤ £¬2024ÄêÓªÊÕ´ï39ÒÚÃÀÔª¡£Æ¾¾ÝÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄ8-KÎļþ £¬Boyd GamingÔÚ¹¥»÷²úÉúºóÓë±í²¿ÍøÂ簲ȫר¼ÒºÏ×÷Ó¦¶Ô £¬²¢Í¨ÖªÁË·¨Âɲ¿ÃÅ¡£¹«Ë¾È·ÈÏ £¬Î´¾­ÊÚȨµÄµÚÈý·½´ÓÆäITϵͳÖÐɾ³ýÁËÌØ¶¨Êý¾Ý £¬Éæ¼°Ô±¹¤¼°ÉÙÊýÆäËûÓ×ÎÒ¡£Ä¿Ç° £¬¹«Ë¾ÕýÖðÒ»ÖÂÐÅÊÜÓ°ÏìÓ×ÎÒ £¬²¢½«Æ¾¾ÝÒªÇóÏòÓйؼà¹Ü»ú¹¹¼°µ±²¿ÃÅÃŻ㱨ÊÂÎñϸ½Ú¡£Ö»¹Ü²úÉúÊý¾Ýй¶ £¬Boyd GamingÇ¿µ÷ÆäÔËӪδÊÜ×ÌÈÅ £¬Ô¤¼ÆÊÂÎñ²»»á¶Ô²ÆÕþÇé¿ö²úÉú³Á´ó²»ÀûÓ°Ïì¡£¹«Ë¾ÒѲɰìÍøÂ簲ȫ±£ÏÕ £¬ÓйØÓöÈÔ¤¼Æ¿ÉÓɱ£ÏÕ¸²¸Ç¡£½ØÖÁĿǰ £¬ÉÐÎÞÀÕË÷Èí¼þ×éÖ¯»òÆäËûÍþвÐÐΪÕßÐû³Æ¶ÔÕâ´Î¹¥»÷ÕÆ¹Ü¡£


https://www.bleepingcomputer.com/news/security/boyd-gaming-discloses-data-breach-after-suffering-a-cyberattack/


2. CISA½«Google Chromium·ì϶Ôö³¤µ½ÒÑÖª±»ÀûÓ÷ì϶Ŀ¼ÖÐ


9ÔÂ23ÈÕ £¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©½üÈÕ½«Google Chromium·ì϶CVE-2025-10585ÁÐÈëÆäÒÑÖª±»ÀûÓ÷ì϶£¨KEV£©Ä¿Â¼¡£¸Ã·ì϶ÊÇV8 JavaScriptºÍWebAssemblyÒýÇæÖеÄÀàÐÍ»ìºÏÎÊÌâ £¬µ±Èí¼þÎó½«ÄÚ´æ¼ø±ðΪÃýÎóÀàÐͶÔÏóʱ £¬¹¥»÷Õ߿ɽè´Ë·ÛËéÄÚ´æ¡¢µ¼Ö·¨Ê½±ÀÀ £»òÖ´ÐжñÒâ´úÂë¡£´ËÀà·ì϶ÔÚC/C++±àдµÄä¯ÀÀÆ÷ÀûÓÃÖÐÓÈΪ³£¼û £¬ÒòÄڴ氲ȫÐÔ½ÏÈõÒ×±»ÀûÓ᣹ȸèÓÚ2025Äê9ÔÂÖÐÑ®°ä²¼°²È«¸üн¨¸´ÁËÔ̺¬CVE-2025-10585ÔÚÄÚµÄËĸöChrome·ì϶ £¬²¢È·Èϸ÷ì϶ÒÑÔÚÒ°±í±»ÀûÓ᣹ȸèÍþв·ÖÎöÓ××飨TAG£©ÓÚ9ÔÂ16ÈÕ·¢Ïָ÷ì϶ £¬Ä¿Ç°Õýµ÷²éÃñ×å¹ú¶ÈÐÐΪÕߺÍóÒ×¼äµýÈí¼þ¹©¸øÉ̵Ĺ¥»÷ £¬´§Ä¦ÆäÖÐÒ»ÍþвÐÐΪÕßÒÑÀûÓô˷ì϶ִÐй¥»÷¡£Æ¾¾ÝÓµÓÐÔ¼ÊøÁ¦µÄÔËÓªÖ¸ÁBOD£©22-01 £¬Áª¹úÃñÊÂÐÐÕþ²¿ÃÅ£¨FCEB£©»ú¹¹ÐèÔÚ2025Äê10ÔÂ14ÈÕǰʵÏÖ·ì϶½¨¸´ £¬ÒÔ½µµÍÂä´ó·çÏÕ¡£CISAͬʱ½¨Òé¸öÈË×éÖ¯Éó²éKEVĿ¼²¢½¨¸´×ÔÉí»ù´¡ÉèÊ©ÖеÄÓйطì϶¡£


https://securityaffairs.com/182509/security/u-s-cisa-adds-google-chromium-flaw-to-its-known-exploited-vulnerabilities-catalog.html


3. Æû³µ±£ÏÕÆ½Ì¨ClaimPixй¶³¬¹ý500Íò¸öÎļþ


9ÔÂ23ÈÕ £¬ÍøÂ簲ȫ×êÑÐÔ±Jeremiah FowlerÏòWebsite Planet»ã±¨·¢ÏÖÒ»¸öδ¼ÓÃÜÇÒÎÞÃÜÂë± £»¤µÄÊý¾Ý¿â £¬¸ÃÊý¾Ý¿âÔ̺¬510Íò¸öÎļþ¡¢×ÜÈÝÁ¿´ï10TB £¬Éæ¼°ÊÚȨÊé¡¢³µÁ¾µÇ¼Ç¡¢Î¬½¨·¢Æ±¼°´øÓÐÇ峺³µÅƺÍVINÂëµÄÊÜËð³µÁ¾Í¼ÏñµÈÃô¸ÐÐÅÏ¢¡£¾­·ÖÎö £¬ÕâЩ¼Í¼ÊôÓÚÒÁÀûŵÒÁÖÝÆû³µ±£ÏÕË÷ÅâÆ½Ì¨ClaimPix¡£Êý¾Ý¿âÖÐÔ̺¬ÐÕÃû¡¢µØÖ·¡¢µç»°¡¢µç×ÓÓʼþµÈÓ×ÎÒÉí·ÝÐÅÏ¢£¨PII£© £¬ÒÔ¼°½ü1.6Íò·Ýµç×ÓÊðÃûÊÚȨίÍÐÊé £¬ÆäÖÐÔ̺¬ÊðÃûÕßIPµØÖ·¡£´Ë±í £¬»¹Ô̺¬Èí¼þÐí¿ÉºÍ̸µÈÄÚ²¿Îļþ £¬Â¶³öÁ˲»Ó¦¹«¿ªµÄÌõ¿îºÍÓöÈÐÅÏ¢¡£Fowlerͨ¹ýÕÆ¹ÜÈÎÅû¶֪ͨClaimPixºó £¬¸ÃÊý¾Ý¿â±»Ñ¸¿ìÏ޶ȽӼû¡£ClaimPix»ØÓ¦³ÆÒѸüÐÂÕþ²ßºÍ´úÂ뽨¸´·ì϶¡£È»¶ø £¬Êý¾Ý¿â¹éÊô¼°Â¶³öʱ³¤ÈÔ´æÒÉ £¬ÐèÄÚ²¿Éó¼ÆÈ·ÈÏÊÇ·ñÓÐÆäËû½Ó¼û»ò¿ÉÒɻ¡£½¨Òé±£ÏÕÐÐÒµÆóÒµ¼ÓÃÜËùÓÐÃô¸ÐÊý¾Ý £¬Ö´Ðжà³É·ÖÈÏÖ¤ºÍ»ùÓÚ½ÇÉ«µÄ½Ó¼û½ÚÔì £¬¶¨ÆÚÉóºËÔÆ´æ´¢ÏµÍ³²¢½øÐзì϶²âÊÔ¡£Ó×ÎÒÈôÒÉ»óÐÅϢй¶ £¬Ó¦¼à¿ØÐÅÓþ»ã±¨¡¢Ê¹ÓÃÐÅÓþ¶³½á·þÎñ £¬²¢Í¨¹ýFTCµÄIdentityTheft.gov¾Ù±¨¡£


https://www.websiteplanet.com/news/claimpix-breach-report/


4. Motility Software SolutionsÊý¾Ýй¶ £¬Ó°Ïì76ÍòÏû·ÑÕß


9ÔÂ24ÈÕ £¬×¨ÓÃÆû³µ¾­ÏúÉÌÖÎÀíÈí¼þ¹©¸øÉÌMotility Software Solutions 8ÔÂ19ÈÕÔÚÆäÍøÂçÖз¢ÏÖ¿ÉÒɻ £¬Ñ¸¿ìÏÂÏßÊÜÓ°Ïì·þÎñÆ÷ÒÔ½ÚÔìÊÂÎñ £¬²¢½áºÏÍøÂ簲ȫר¼Ò·¢Õ¹µ÷²é¡£Õâ´ÎÊÂÎñµ¼ÖÂÔ¼76ÍòÃûÃÀ¹úÏû·ÑÕßµÄÓ×ÎÒÉí·ÝÐÅÏ¢£¨PII£©±»Î´¾­ÊÚȨ½Ó¼û £¬Ð¹Â¶Êý¾ÝÔ̺¬ÐÕÃû¡¢µ®ÉúÈÕÆÚ¡¢¼ÝÕÕºÅÂë¼°Éç»á°²È«ºÅÂëµÈÃô¸ÐÐÅÏ¢¡£MotilityÇ¿µ÷ £¬Êý¾Ýй¶½öÏÞÓÚÆä×ÔÉíÍøÂç £¬Î´²¨¼°Ä¸¹«Ë¾À×ŵ×È£¨Reynolds and Reynolds£©µÄϵͳ»òÍøÂç¡£ÊÂÎñ²úÉúºó £¬Motilityµ±¼´²ÉÈ¡¶àÏî²¹¾È´ëÊ©£º¸ôÀëÊÜÓ°Ïì·þÎñÆ÷¡¢ÀñƸ±í²¿ÍøÂ簲ȫר¼ÒЭÖúµ÷²é £¬²¢Í¨Öª·¨Âɲ¿ÃÅȾָ¡£Îª¼ÓÇ¿°²È«·À»¤ £¬¹«Ë¾Ö´ÐÐÁ˶î±í°²È«´ëÊ© £¬Ô̺¬ÒýÈëй¤¾ß¡¢³ÉÁ¢ÈßÓàµÄµÚÈý·½¼à¿Ø»úÔì £¬²¢È«ÃæÉó²éÏÖÓÐÍøÂ簲ȫʵ¼Ê¡£Õë¶ÔÊÜÓ°ÏìÏû·ÑÕß £¬MotilityÕýÖðÒ»ÖÂÐŲ¢ÌṩÃâ·ÑÐÅÓþ¼à¿Ø·þÎñ £¬½¨ÒéÓû§¶¨ÆÚºË²éÐÅÓþ»ã±¨Òì³ £»î¶¯ £¬¾¯ÌèÀûÓÃй¶ÐÅÏ¢Ö´ÐеÄÍøÂç´¹µö»òڲƭÐÐΪ¡£Èô·¢ÏÖÐÅÏ¢±»µÁÓà £¬Ïû·ÑÕß¿ÉÏòÖØÒªÐÅÓþ»ú¹¹ÉêÇëڲƭ¾¯±¨»òÐÅÓþ¶³½áÒÔÏÞ¶ÈËðʧ¡£


https://www.claimdepot.com/data-breach/motility-2025


5. Libraesvaµç×ÓÓʼþ°²È«Íø¹Ø·ì϶Ôâ¹ú¶ÈºÚ¿ÍÀûÓÃ


9ÔÂ24ÈÕ £¬ÍøÂ簲ȫ³§ÉÌLibraesvaÒѽ¨¸´Æäµç×ÓÓʼþ°²È«Æ½Ì¨ÖÐÒ»¸ö±»Ò°±íÀûÓõĸßΣ·ì϶CVE-2025-59689¡£¸Ã·ì϶CVSSÆÀ·ÖΪ6.1 £¬ÊôÓÚºÅÁî×¢Èë·ì϶ £¬¹¥»÷Õß¿ÉÀûÓÃÔ̺¬¶ñÒâѹËõ¸½¼þµÄµç×ÓÓʼþ´¥·¢·ì϶ £¬ÔÚ·ÇÌØÈ¨Óû§È¨ÏÞÏÂÖ´ÐÐËÁÒâºÅÁî¡£·ì϶±¾Ô­ÔÚÓÚÆ½Ì¨´¦ÖÃÌØ¶¨Ñ¹ËõÎļþÌåʽʱ´æÔÚÊäÈëËãÕÊȱµã £¬µ¼ÖÂÓÐÐ§ÔØºÉÈÆ¹ý°²È«»úÔìÖ´ÐÐshellºÅÁî¡£Õâ´Î·ì϶ӰÏìLibraesva ESG 4.5ÖÁ5.5°æ±¾ £¬µ«¼øÓÚ4.x°æ±¾ÒÑÍ£²ú £¬³§É̽öÕë¶Ô5.x°æ±¾°ä²¼²¹¶¡¡£¹«Ë¾ÒÑÏòÔÆ¶ËºÍ±¾µØ²¿Êð»·¾³ÍÆËͽ¨¸´·¨Ê½ £¬Ä¿Ç°ËùÓÐÉ豸¾ùÔËÐн¨¸´ºóµÄÈí¼þ¡£¶ÔÓÚÈÔÔËÐб¾µØESG 4.x°æ±¾µÄ¿Í»§ £¬LibraesvaÇ¿ÁÒ½¨ÒéÊÖ¶¯Éý¼¶ÖÁÒѽ¨²¹µÄ5.x°æ±¾ £¬ÒÔ¶ã±ÜDZÔÚ·çÏÕ¡£ÖµÍ×ÌùÐĵÄÊÇ £¬¸Ã·ì϶Òѱ»ÏÖʵÀûÓá£LibraesvaÈ·ÈϲúÉúһ·ÀÄÓÃÊÂÎñ £¬ÍþвÐÐΪÕß±»ËÝÔ´ÖÁ±í¹úµÐ¶Ô¹ú¶ÈʵÌå¡£Õâ´ÎÊÂÎñÔٴξ¯Ê¾ÆóÒµÐèÆ÷³Á¹©¸øÁ´°²È« £¬ÊµÊ±¸üÐÂϵͳ²¹¶¡ £¬²¢³ÉÁ¢¶àµµ´Î·ÀÓù»úÔìÒÔÓ¦¶Ô¹ú¶ÈÖ§³ÖµÄ¸ß¼¶ÍøÂç¹¥»÷¡£


https://www.securityweek.com/libraesva-email-security-gateway-vulnerability-exploited-by-nation-state-hackers/


6. µÂ¹úFAIº½¿Õ¼¯ÍÅÔâJ GroupÀÕË÷Èí¼þ¹¥»÷ £¬3TBÃô¸ÐÊý¾Ýй¶


9ÔÂ24ÈÕ £¬µÂ¹ú°ü»úÔËÓªÉÌFAIº½¿Õ¼¯ÍŽüÈÕÔâJ GroupÀÕË÷Èí¼þÍÅ»ïÍøÂç¹¥»÷ £¬¹¥»÷ÕßÐû³ÆÒÑÇÔÈ¡½ü3TBÃô¸ÐÊý¾Ý £¬º­¸Ç¹«Ë¾¾ßÌåÐÅÏ¢¡¢Ò½ÁÆÊý¾Ý¼°Ô±¹¤ÒþÖÔÎļþ¡£¸ÃÍÅ»ïͨ¹ý°µÍø²©¿Í¹«¿ªÊܺ¦ÕßÐÅÏ¢²¢Íþвй¶Êý¾Ý £¬Ä¿Ç°FAIÉÐδ»ØÓ¦¡£¾Ý×êÑÐÍŶӷÖÎö £¬Ð¹Â¶Êý¾ÝÔ̺¬»¼ÕßÁÙ´²ÐÅÏ¢¡¢Ô±¹¤ÅàѵÎļþ¡¢Éó¼ÆÎĵµ¡¢·É»ú¹æ¸ñÎļþ¡¢¼òÀú¼°»¤ÕÕ¸´Ó¡¼þµÈÃô¸ÐÄÚÈÝ¡£Ò½ÁÆÊý¾ÝÒò²»³É¸´Ô­¸öÐÔ £¬Ò»µ©Ð¹Â¶½«µ¼Ö»¼Õß²¡Ê·ÓÀԶ¶³ö £¬Ôö³¤Éí·Ý͵ÇÔ¡¢Ú²Æ­¼°Éç»á¹¤³Ì¹¥»÷·çÏÕ¡£¹¥»÷Õß¿ÉÄÜÀûÓÃй¶ÐÅÏ¢¼ÙÒâFAI»ò¹ØÁª·þÎñ £¬Õë¶Ô¸ß¾»Öµ¿Í»§Ö´Ðо«×¼Ú¿Æ­ £¬Í¬Ê±ÄÚ²¿Éó¼ÆÎļþ¿É¶³ö¹«Ë¾ÔËÓªÈõµã £¬ÎªºóÐø¹¥»÷Ìṩָ±ê¡£J Group×÷Ϊ2025ËêÊ×ÐÂÐËÍøÂç·¸×OÍÅ £¬ÒÔÊý¾Ý¾­¼ÍģʽIJÀû £¬ÈôÊê½ð½»ÉæÊ§°Ü £¬½«¹«¿ªÏúÊÛÊý¾Ý¶ø·Çµ¥´¿Ð¹Â¶¡£¸Ã×éÖ¯Ö¸±êÁìÓò¿í·º £¬´ÓÓÎÀÖÔ°µ½º½¿ÕÒµ¾ùÓÐÉæÁÔ £¬Òѹ¥»÷ÖÁÉÙ32¸ö×éÖ¯ £¬³ÉΪÀÕË÷Èí¼þÁìÓò»îÔ¾ÐÂÈ¨ÊÆ¡£


https://cybernews.com/security/fai-aviation-group-data-breach-claims/