¡¶Î¬ËûÃü¡·ÖðÈÕÇå¾²¼òѶ20180808

Ðû²¼Ê±¼ä 2018-08-08

¡¾ÍþвÇ鱨¡¿Ñо¿Ö°Ô±·¢Ã÷ÆƽâWPAºÍWPA2ÎÞÏßÃÜÂëµÄмò»¯ÒªÁì


Hashcat¿ª·¢Ö°Ô±Jens Steube·¢Ã÷Ò»ÖÖÆƽâWPA/WPA2ÎÞÏßÃÜÂëµÄ¸ü¿ì¸ü¼òÆÓµÄÒªÁì¡£¡£¡£¡£¡£ÒÑÍùÆƽâWPA/WPA2¼ÓÃÜЭÒéÊÇÒ»¸ö³ÁÖغÄʱµÄÀú³Ì£¬£¬£¬ÐèÒªÆÚ´ýÕýµ±Óû§µÇ¼²¢×èµ²ÆäËÄ´ÎÎÕÊÖµÄÍêÕûÐÅÏ¢¡£¡£¡£¡£¡£ÐµĹ¥»÷Õ½ÂÔÔÊÐí¹¥»÷ÕßÖ±½Ó´Ó·ÓÉÆ÷ÖлñµÃPMKID£¬£¬£¬¶øÎÞÐèÆÚ´ýÕýµ±Óû§µÇ¼£¬£¬£¬Ò²ÎÞÐ貶»ñËÄ´ÎÎÕÊÖÐÅÏ¢¡£¡£¡£¡£¡£¹¥»÷Õßƽ¾ùÖ»ÐèÒªÔ¼10·ÖÖӾͿÉÒÔ»ñµÃÆäËùÐèµÄÐÅÏ¢£¬£¬£¬È»ºó¿ÉÒÔ×îÏȱ©Á¦ÆƽâÀú³Ì¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/new-method-simplifies-cracking-wpa-wpa2-passwords-on-80211-networks/


¡¾Êý¾Ýй¶¡¿Ä«Î÷¸çÒ»Ò½ÁÆÊý¾Ý¿â¿É¹ûÕæ»á¼û£¬£¬£¬Ô¼200Íò»¼ÕßµÄÐÅϢй¶


Çå¾²Ñо¿Ô±Bob Diachenkoͨ¹ýShodan·¢Ã÷Ò»¸öÄ«Î÷¸çÒ½ÁÆÊý¾Ý¿â¿É¹ûÕæ»á¼û£¬£¬£¬¸ÃMongoDBÊý¾Ý¿â°üÀ¨Ô¼200Íò»¼ÕßµÄÒ½ÁÆÐÅÏ¢£¬£¬£¬°üÀ¨ÐÕÃû¡¢ÐԱ𡢳öÉúÈÕÆÚ¡¢°ü¹ÜÐÅÏ¢¡¢²Ð¼²×´Ì¬ºÍ¼ÒͥסַµÈÐÅÏ¢¡£¡£¡£¡£¡£Diachenko·¢Ã÷¸ÃÊý¾Ý¿âµÄÖÎÀíÔ±µç×ÓÓʼþÓòÃûΪhovahealth.comºÍefimed.care£¬£¬£¬ÔÚ֪ͨHova Health¹«Ë¾ºó£¬£¬£¬¸ÃÊý¾Ý¿âÔÚÈý¸öСʱÄÚ»ñµÃ±£»£»£»£»£»£»£»¤¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/health-care-data-of-2-million-people-in-mexico-exposed-online/


¡¾Êý¾Ýй¶¡¿TCMÒøÐÐÒòÍøÕ¾ÉèÖùýʧµ¼Ö²¿·ÖÓû§µÄÃô¸ÐÊý¾Ýй¶


TCMÒøÐÐÊÇICBA BancardµÄ×Ó¹«Ë¾£¬£¬£¬ËüÊÇÃÀ¹ú750¶à¼ÒСÐͺÍÉçÇøÒøÐеÄÐÅÓÿ¨¿¯ÐÐÉÌ¡£¡£¡£¡£¡£¸ÃÒøÐÐÐû²¼ÆäÍøÕ¾ÉèÖùýʧµ¼Ö²¿·ÖÐÅÓÿ¨ÉêÇëÈ˵ÄÐÅÏ¢ÔÚ2017Äê3Ô³õÖÁ2018Äê7ÔÂÖÐѮ֮¼äµÄ16¸öÔÂÄÚÔÚÏß̻¶¡£¡£¡£¡£¡£¿£¿ £¿ÉÄÜ鶵ÄÊý¾Ý°üÀ¨ÉêÇëÈ˵ÄÐÕÃû¡¢µØµã¡¢³öÉúÈÕÆÚºÍÉç±£ºÅÂëµÈ¡£¡£¡£¡£¡£ÊÜÓ°ÏìµÄ¿Í»§ÊýĿΪ²»µ½1ÍòÈË¡£¡£¡£¡£¡£TCM³ÆÆäÔÚ2018Äê7ÔÂ16ÈÕ·¢Ã÷Á˸ÃÎÊÌ⣬£¬£¬²¢ÔÚµÚ¶þÌì¾ÙÐÐÁËÐÞ¸´¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/75078/data-breach/tcm-bank-data-leak.html


¡¾Çå¾²²¥±¨¡¿Îå½Ç´ó¥եȡʿ±øÔÚÃô¸Ð»ùµØʹÓÿɾÙÐÐGPS¶¨Î»µÄµç×Ó×°±¸


ƾ֤Îå½Ç´óÂ¥µÄÐÂÏÂÁ£¬£¬ÔÚÃô¸Ð»ùµØ»òijЩ¸ßΣº¦Õ½µØµØÇøµÄ¾ü¶ÓºÍ¹ú·ÀÖ°Ô±½«²»±»ÔÊÐíʹÓÿÉÒÔ¾ÙÐеØÀí¶¨Î»µÄ½¡Éí×·×ÙÆ÷ºÍÊÖ»úappµÈ¡£¡£¡£¡£¡£ÕâЩµØÀí¶¨Î»¹¦Ð§¿ÉÄÜ»á̻¶СÎÒ˽¼ÒÐÅÏ¢¡¢Î»Öá¢ÈÕ³£»£»£»£»£»£»£»î¶¯ºÍ¹ú·ÀÖ°Ô±µÄÊýÄ¿µÈÐÅÏ¢£¬£¬£¬²¢¿ÉÄÜÔì³ÉÒâÍâµÄÇ徲Ч¹ûºÍÔöÌíʹÃüΣº¦¡£¡£¡£¡£¡£ÕâЩÏÞÖÆ°üÀ¨½¡Éí×·×ÙÆ÷¡¢ÊÖ»ú¡¢Æ½°åµçÄÔ¡¢ÖÇÄÜÊÖ±íºÍÆäËüÓ¦ÓóÌÐòµÄGPS¹¦Ð§¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.securityweek.com/pentagon-restricts-use-fitness-trackers-other-devices


¡¾Çå¾²²¥±¨¡¿FacebookÐû²¼¿ªÔ´¸ßÐÔÄÜTLS¿âFizz£¬£¬£¬×ÊÖúÍƶ¯ÆÕ¼°TLS 1.3ЭÒé


FizzÊÇÓÃC++ 14±àдµÄÒ»¸ö¿É¿¿µÄ¡¢¸ßÐÔÄܵÄTLS¿â£¬£¬£¬ËüÖ§³ÖËùÓеÄÖ÷ÒªÎÕÊÖģʽ£¬£¬£¬¾ßÓÐÇ¿Ê¢µÄ¼ÓÃÜËã·¨ºÍÓÅÔ½µÄÐÔÄÜ¡£¡£¡£¡£¡£×ÔÉϸöÔÂβÒÔÀ´£¬£¬£¬GoogleµÄChromeä¯ÀÀÆ÷ÒÑ×îÏȽ«ËùÓеķÇHTTPSÍøÕ¾±ê¼ÇΪ²»Çå¾²£¬£¬£¬ÒÔÆÈʹÍøÕ¾ÖÎÀíÔ±Çл»µ½HTTPS¡£¡£¡£¡£¡£FacebookÔÚGitHubÉÏ¿ªÔ´ÁËFizz£¬£¬£¬ÒÔ×ÊÖúÍƶ¯TLS 1.3ЭÒéµÄÆÕ¼°¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://thehackernews.com/2018/08/fizz-tls-ssl-library.html


¡¾Îó²î²¹¶¡¡¿GoogleÐû²¼8ÔÂAndroidÇå¾²¸üУ¬£¬£¬¹²ÐÞ¸´43¸öÇå¾²Îó²î


ƾ֤Google×îÐÂÐû²¼µÄAndroidÇ徲ͨ¸æ£¬£¬£¬8ÔµÄAndroidÇå¾²¸üаüÀ¨2018-08-01ºÍ2018-08-05Á½¸öÇå¾²²¹¶¡¼¶±ð£¬£¬£¬ÐÞ¸´ÁË°üÀ¨¿ò¼Ü¡¢¶àýÌå¿ò¼Ü¡¢ÏµÍ³¡¢Äںˡ¢¸ßͨ×é¼þ¡¢¸ßͨ±ÕÔ´×é¼þµÈ×é¼þÄÚµÄ43¸öÇå¾²Îó²î¡£¡£¡£¡£¡£Googleͬʱ»¹Ðû²¼ÁËPixel/NexusµÄ8ÔÂÇå¾²¸üУ¬£¬£¬¹²ÐÞ¸´ÁË28¸öÇå¾²Îó²î¡£¡£¡£¡£¡£½¨ÒéÏà¹ØÓû§¾¡¿ì¾ÙÐÐÉý¼¶¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://source.android.com/security/bulletin/2018-08-01