"Vitamin" (维他命) Daily Security Brief 20180727

Published: 2018-07-27
[Attack Incident] COSCO Shipping's US subsidiary hit by ransomware attack; company website down


COSCO Shipping's US subsidiary was hit by a ransomware attack that has crippled its corporate network. The incident occurred on Tuesday, July 24, but the company's IT infrastructure in the US region is still shut down, including its email servers and telephone network, and its official website is also offline. The type of ransomware that infected the company's network is still unknown, and the company has not yet given any further response.


Original link: https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/


[Attack Incident] Microsoft researchers discover supply-chain attack targeting a PDF editor


Microsoft researchers discovered a supply-chain attack targeting a PDF editor, in which the attackers modified the editor's font package to install malicious cryptocurrency-mining software on users' computers. Specifically, the attackers decompiled and modified an MSI file (an Asian font pack) and added malicious mining code to it. Users who downloaded and ran the PDF editor would unknowingly install the malicious font pack from the attackers' server. Because the PDF editor is installed with SYSTEM privileges, the malicious code is able to obtain full access to the user's system.


Original link: https://www.bleepingcomputer.com/news/security/microsoft-discovers-supply-chain-attack-at-unnamed-maker-of-pdf-software/


[Security Bulletin] Twitter removes more than 143,000 policy-violating apps from its platform


Twitter said that between April and June it removed more than 143,000 policy-violating apps from its platform. The company stated that it will not tolerate the use of its APIs to send spam or to violate citizens' privacy. In addition to deleting these apps, the company also adjusted how its APIs may be used. All new requests for access to its standard and premium APIs must go through a new approval process. Developers may not create more than 10 apps unless they submit sufficient justification and obtain special permission.


Original link: https://www.bleepingcomputer.com/news/security/twitter-removes-143-000-apps-that-violated-companys-policy/


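[Threat Intelligence] US DHS issues warning: beware of cyber attacks targeting enterprise ERP systems


The US Department of Homeland Security (DHS) issued a warning about attack activity by nation-state hackers and criminal groups targeting enterprise ERP systems. The warning is based on a report jointly published by the threat intelligence companies Digital Shadows and Onapsis. The report states that public exploits targeting SAP and ERP increased by 100% over the past three years. Attack activity targeting ERP vulnerabilities increased by 160% from 2016 to 2017. Attacks against ERP systems range from the use of old vulnerabilities to password guessing.

Original link: https://www.bleepingcomputer.com/news/security/dhs-warns-of-impending-cyber-attacks-on-erp-systems/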


[Threat Intelligence] Research team discovers new attack wave by Iranian APT group OilRig


The Palo Alto Networks research team discovered new attack activity by the Iranian APT group OilRig. Between May and June 2018, OilRig launched a total of three attack waves: the first two mainly targeted technology service providers, and the last one mainly targeted government agencies in the Middle East. All of these attacks used phishing emails to deliver the PowerShell backdoor QUADAGENT and attempted to steal users' credentials.

Original link: https://researchcenter.paloaltonetworks.com/2018/07/unit42-oilrig-targets-technology-service-provider-government-agency-quadagent/


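[Threat Intelligence] Research team discovers malicious mining software PowerGhost using fileless techniques to infect users


Kaspersky Lab discovered a new piece of malicious cryptocurrency-mining software, PowerGhost. PowerGhost is an obfuscated PowerShell script that includes modules such as the malicious miner, mimikatz, the libraries msvcp120.dll and msvcr120.dll, reflective PE injection, and an EternalBlue exploit. PowerGhost uses fileless techniques to infect users and evade detection, and it mainly targets India, Brazil, Colombia, and Turkey.

Original link: https://securelist.com/a-mining-multitool/86950/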