ÒøÐÐľÂíAnubisÐÂÔöPayPalƾ֤ÇÔÈ¡ºÍ×°±¸Ëø¶¨¹¦Ð§£»TP-Link WR940NºÍWR941ND 0day

Ðû²¼Ê±¼ä 2019-04-10
1.ÒøÐÐľÂíAnubisÐÂÔöPayPalƾ֤ÇÔÈ¡ºÍ×°±¸Ëø¶¨¹¦Ð§


×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!


ESETÑо¿Ö°Ô±Lukas StefankoÔÚGoogle PlayÊÐËÁÖз¢Ã÷AndroidÒøÐÐľÂíAnubisµÄÒ»¸öбäÌå £¬¸Ã±äÌå»áͨ¹ý¼Í¼¼üÅ̼°½ØÆÁµÄÐÎʽÇÔÈ¡PayPalƾ֤ £¬²¢¼ÓÃÜÉè±¹ØÁ¬ÄËùÓÐÎļþ£¨¸½¼Ó.AnubisCryptÀ©Õ¹Ãû£© £¬È»ºóËø¶¨×°±¸¡£µ«¸Ã±äÌåµÄÀÕË÷¹¦Ð§Ëƺõ²¢²»ÍêÉÆ £¬ËüûÓÐÌáÐÑÊê½ðÐÅÏ¢ £¬Ñо¿Ö°Ô±Ò²¿ÉÒÔÈƹýÕâÖÖËø¶¨¡£GoogleÒѾ­ÔÚPlayÊÐËÁÖÐɾ³ýÁ˸öñÒâÓ¦Óá£


Ô­ÎÄÁ´½Ó£º

https://cyware.com/news/anubis-android-trojan-spotted-stealing-paypal-credentials-and-locking-devices-2c4f0405

2.iOSÌع¤Èí¼þExodus £¬Ö÷ÒªÕë¶ÔÒâ´óÀûºÍÍÁ¿âÂü˹̹


×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!


LookoutÇå¾²Ñо¿Ô±Adam Bauer·¢Ã÷iOS°æ±¾µÄÌع¤Èí¼þExodus¡£¸Ãа汾αװ³ÉiOSÓ¦ÓóÌÐò £¬Ö÷ÒªÕë¶ÔÒâ´óÀûºÍÍÁ¿âÂü˹̹µÄÓû§¡£ÓÉÓÚ¶ñÒâAPP°üÀ¨AppleÐû²¼µÄÕýµ±Ö¤Êé £¬ÕâʹµÃÊܺ¦ÕßÉõÖÁ¿ÉÒÔ´ÓApp StoreÍâ×°ÖøÃÓ¦Ó᣸ð汾µÄExodus¿ÉÇÔÈ¡AppleÉè±¹ØÁ¬Ä´ó×ÚÐÅÏ¢ £¬°üÀ¨ÁªÏµÈË¡¢ÕÕƬ¡¢ÊÓƵ¡¢Â¼ÒôºÍGPSÐÅÏ¢ £¬ÉõÖÁ¿ÉÒÔ°´Ðè¼ÖÆÒôƵ¡£


Ô­ÎÄÁ´½Ó£º

https://cyware.com/news/new-ios-version-of-exodus-spyware-uncovered-by-researchers-2cbb0f73

3.ÃϼÓÀ­¹úʯÓ͹«Ë¾PetroBangla¹ÙÍøÔâºÚ¿ÍÈëÇÖ

×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!

ÃϼÓÀ­¹úµÄ¹úÓÐʯÓÍ¡¢×ÔÈ»ÆøºÍ¿ó²ú¹«Ë¾PetroBanglaµÄ¹ÙÍøÔâºÚ¿ÍÈëÇÖ¡£ÈëÇÖÊÂÎñ×î³õ±¬·¢ÔÚ4ÔÂ7ÈÕ £¬¸Ã¹«Ë¾ÓÚ4ÔÂ8ÈÕÉÏÎç9µã30·Ö×óÓÒ»Ö¸´ÁËÍøÕ¾ £¬µ«µ±ÌìÏÂÖç¸ÃÍøÕ¾Ôٴα»ºÚ¿ÍÈëÇÖ¡£¹¥»÷ÕßÔÚÍøÕ¾ÉÏÁôÑԳƣº¡°ÕâÖÖˮƽµÄÇå¾²²¢È±·¦¹» £¬ÕվɺÜÈÝÒ×Ôâµ½ÈëÇÖ¡£ÇëÁªÏµn33lob33@mail.ru £¬ÎÒÃÇÕýÔÚÐÞ¸´ÄúÇå¾²ÐÔÉϵÄÈõµã¡±¡£


Ô­ÎÄÁ´½Ó£º

https://cyware.com/news/bangladeshi-oil-company-petrobanglas-website-gets-hacked-twice-71fce94c

4.TP-Link WR940NºÍWR941ND·ÓÉÆ÷ÁãÈÕÎó²î £¬¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ

×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!


IBM SecurityÑо¿ÍŶӷ¢Ã÷TP-Link TL-WR940NºÍTL-WR941NDÁ½¿î·ÓÉÆ÷±£´æ»º³åÇøÒç³öÎó²î £¬¿Éµ¼Ö¶ñÒâµÚÈý·½Ô¶³Ì¿ØÖƸÃ×°±¸¡£¸ÃÎó²îÓë×°±¸µÄWeb¿ØÖÆÃæ°åÓйØ £¬ËäȻƾ֤TP-LinkµÄ·ÓÉÆ÷Ïà¹ØÎĵµ £¬ÕâÁ½ÖÖÐͺŶ¼ÒÑÍ£²ú £¬µ«ËüÃÇÈÔ¿ÉÒÔ´ÓTargetºÍWalmartµÈÁãÊÛÉÌ´¦¹ºÖá£TP-LinkÓÚ3ÔÂ12ÈÕÐû²¼Á˹̼þ¸üР£¬½¨ÒéÓû§¾¡¿ì¾ÙÐиüС£


Ô­ÎÄÁ´½Ó£º

https://threatpost.com/tp-link-routers-vulnerable-to-zero-day-buffer-overflow-attack/143575/

5.VerizonÐÞ¸´Fios Quantum Gateway·ÓÉÆ÷ÖеÄÈý¸öÇå¾²Îó²î

×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!


Ñо¿Ö°Ô±·¢Ã÷VerizonµÄFios Quantum Gateway£¨G1100£©Â·ÓÉÆ÷±£´æÈý¸öÇå¾²Îó²î £¬¿Éµ¼ÖÂ×°±¸±»½ÓÊÜ¡£ÕâЩÎó²î£¨CVE-2019-3914¡¢CVE-2019-3915ºÍCVE-2019-3916£©µÄ¹æÄ£°üÀ¨root¼¶±ðµÄÏÂÁî×¢Èë¡¢µÇ¼ÖطŹ¥»÷ºÍ¼ÓÑιþÏ£ÃÜÂëй¶¡£VerizonÔÚ3Ô·ÝÐû²¼Á˹̼þ¸üУ¨02.02.00.13£©À´ÐÞ¸´ÕâЩÎó²î¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/verizon-fixes-bugs-allowing-full-control-of-fios-quantum-router/

6.΢ÈíÐû²¼4ÔÂWindowsÇå¾²¸üР£¬ÐÞ¸´74¸öÎó²î


×ðÁú¿­Ê± - ÈËÉú¾ÍÊDz«!


ÔÚ4Ô·ݵÄWindowsÇå¾²¸üÐÂÖÐ £¬Î¢ÈíÐÞ¸´ÁË74¸öÎó²î £¬ÆäÖÐ15¸öÎó²î±»¹éÀàΪCritical¡£½ÏΪÑÏÖصÄÎó²î°üÀ¨ÒÑÔÚÒ°Íâ±»Æð¾¢Ê¹ÓõÄÁ½¸öWin32kÌáȨÎó²î£¨CVE-2019-0803ºÍCVE-2019-0859£© £¬Îó²î¿ÉÔÊÐí¹¥»÷Õß×°ÖóÌÐò¡¢Éó²é»ò¸ü¸Äɾ³ýÊý¾ÝÒÔ¼°½¨ÉèÐÂÕË»§¡£ÍêÕûÎó²îÁбíÇë²Î¿¼ÒÔÏÂÁ´½Ó¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/microsoft/microsofts-april-2019-patch-tuesday-fixes-74-vulnerabilities/