Intel CPUÒ×ÊÜÐÂSnoop¹¥»÷£¬£¬£¬£¬¿Éй¶»º´æÊý¾Ý£»£» £»£»£»£»½ðÈÚ¹«Ë¾ÔÆÊý¾Ý¿âй¶425GBÊý¾Ý

Ðû²¼Ê±¼ä 2020-03-18

1.Ç÷ÊÆ¿Æ¼¼ÐÞ¸´ÆóÒµÇå¾²²úÆ·ÖеÄÁ½¸ö0day£¬£¬£¬£¬Òѱ»Ê¹ÓÃ


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


±¾ÖÜÒ»Ç÷ÊÆ¿Æ¼¼Ðû²¼Çå¾²¸üУ¬£¬£¬£¬ÐÞ¸´ÁËÁ½¸öÒÑÔÚÒ°ÍâʹÓõÄ0dayºÍÁíÍâ3¸öÑÏÖØÎó²î ¡£¡£¡£¡£¡£¡£ÕâÁ½¸ö0dayÓ°ÏìÁ˸ù«Ë¾µÄÆóÒµÇå¾²²úÆ·Apex OneºÍOfficeScan XG£¬£¬£¬£¬Ç÷ÊÆ¿Æ¼¼ÉÐδÐû²¼Óë¹¥»÷ÓйصÄÈκÎÏêϸÐÅÏ¢ ¡£¡£¡£¡£¡£¡£ÕâÁ½¸ö0day»®·ÖΪ£ºCVE-2020-8467£¬£¬£¬£¬CVSS 9.1£¬£¬£¬£¬Apex OneºÍOfficeScanµÄǨá㹤¾ß×é¼þÖеÄÎó²î£¬£¬£¬£¬¿Éµ¼ÖÂRCE£¬£¬£¬£¬¹¥»÷ÐèÒªÓû§Éí·ÝÈÏÖ¤£»£» £»£»£»£»CVE-2020-8468£¬£¬£¬£¬CVSS 8.0£¬£¬£¬£¬Apex OneºÍOfficeScanÊðÀíÊܵ½ÄÚÈÝÑé֤תÒåÎó²îµÄÓ°Ï죬£¬£¬£¬¿ÉÔÊÐí¹¥»÷ÕßʹÓÃijЩÊðÀí¿Í»§¶Ë×é¼þ£¬£¬£¬£¬¹¥»÷ÐèÒªÓû§Éí·ÝÈÏÖ¤ ¡£¡£¡£¡£¡£¡£±ðµÄ£¬£¬£¬£¬Ç÷ÊÆ¿Æ¼¼»¹ÐÞ¸´ÁËÈý¸öCVSSµÃ·ÖΪ10·ÖµÄÑÏÖØÎó²î£¬£¬£¬£¬°üÀ¨CVE-2020-8470¡¢CVE-2020-8598ºÍCVE-2020-8599£¬£¬£¬£¬ÕâÈý¸öÎó²î¿ÉÔÊÐí¹¥»÷ÕßÒÔSYSTEMȨÏÞɾ³ýÈκÎÎļþ¡¢Ö´ÐÐí§Òâ´úÂë»òÔÚí§Òâ·¾¶ÏÂдÈëí§ÒâÊý¾Ý²¢ÈƹýRootµÇ¼£¬£¬£¬£¬Ê¹ÓÃÕâÈý¸öÎó²î¾ù²»ÐèÒªÉí·ÝÑéÖ¤ ¡£¡£¡£¡£¡£¡£

  

Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/two-trend-micro-zero-days-exploited-in-the-wild-by-hackers/


2.Intel CPUÒ×ÊÜÐÂSnoop¹¥»÷£¬£¬£¬£¬¿Éй¶»º´æÊý¾Ý


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


Intel CPUÈÝÒ×Êܵ½Ðµġ°Snoop¡±¹¥»÷Ó°Ï죬£¬£¬£¬¸Ã¹¥»÷¿ÉÄÜ»á×ß©CPUÄÚ²¿´æ´¢Æ÷£¨»º´æ£©ÖеÄÊý¾Ý ¡£¡£¡£¡£¡£¡£IntelÌåÏÖ2018Äê8ÔÂÕë¶ÔForeshadow£¨L1TF£©Îó²îÐû²¼µÄ²¹¶¡Ò²ÊÊÓÃÓÚ´Ëй¥»÷ ¡£¡£¡£¡£¡£¡£AWSÈí¼þ¹¤³ÌʦPawel Wieczorkiewicz·¢Ã÷²¢±¨¸æÁ˴˹¥»÷ÒªÁ죬£¬£¬£¬¸Ã¹¥»÷±»ÐÎòΪ¡°Snoop¸¨ÖúL1Êý¾ÝÊÕÂÞ¡±£¬£¬£¬£¬»òÖ»ÊÇ¡°Snoop¡±£¨CVE-2020-0550£© ¡£¡£¡£¡£¡£¡£ÔÚÊÖÒÕ²ãÃæÉÏ£¬£¬£¬£¬ÐµÄSnoop¹¥»÷ʹÓÃÁ˶༶»º´æ¡¢»º´æÒ»ÖÂÐÔºÍ×ÜÏß¼àÌýµÈCPU»úÖÆ ¡£¡£¡£¡£¡£¡£IntelÁгöÁËÒ×Êܹ¥»÷µÄCPUÁÐ±í£¬£¬£¬£¬¸ÃÁбíÖаüÀ¨CoreºÍXeon´¦Öóͷ£Æ÷µÈ ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/intel-cpus-vulnerable-to-new-snoop-attack/


3.APT36ʹÓÃйڲ¡¶¾Ö÷ÌâÈö²¥Crimson RAT


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


Ëæ×ÅÈ«Çòйڲ¡¶¾µÄ±¬·¢£¬£¬£¬£¬Ô½À´Ô½¶àµÄ¹¥»÷ÕßʹÓÃÈËÃǵĿ־åÀ´É¢²¼¹ýʧµÄÐÅÏ¢ºÍÌᳫڲƭ¼°¶ñÒâÈí¼þ¹¥»÷ ¡£¡£¡£¡£¡£¡£APT36Ò²ÓöÉÏÁËÕâÒ»³±Á÷£¬£¬£¬£¬×î½üMalwarebytes LabsµÄRed DripÍŶӱ¨¸æ³ÆAPT36ÕýÔÚʹÓÿµ½¡×ÉѯÓÕ¶üÎĵµÀ´Èö²¥Crimson RAT ¡£¡£¡£¡£¡£¡£APT36±»ÒÔΪÊǰͻù˹̹Õþ¸®×ÊÖúµÄ¹¥»÷Õߣ¬£¬£¬£¬ËüÖ÷ÒªÕë¶ÔÓ¡¶ÈµÄ¹ú·À²¿¡¢Ê¹¹ÝºÍÕþ¸®»ú¹¹ ¡£¡£¡£¡£¡£¡£¸Ã×éÖ¯×Ô2016ÄêÆð»îÔ¾£¬£¬£¬£¬ÆäÍøÂçÌØ¹¤»î¶¯µÄÄ¿µÄÊÇ´ÓÓ¡¶ÈÍøÂçÓë°Í»ù˹̹¾üʺÍÍâ½»ÀûÒæÓйصÄÃô¸ÐÐÅÏ¢ ¡£¡£¡£¡£¡£¡£Crimson RATͨ¹ý.Net±àд£¬£¬£¬£¬Æä¹¦Ð§°üÀ¨ÇÔÈ¡ä¯ÀÀÆ÷ƾ֤¡¢Ã¶¾ÙÀú³ÌºÍ´ÅÅÌÇý¶¯Æ÷Ŀ¼¡¢ÎüÊÕC&CÎļþ¡¢Ê¹ÓÃ×Ô½ç˵µÄTCPЭÒé¾ÙÐÐC£¦CͨѶ¡¢ÆÁÄ»½ØÍ¼µÈ ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://blog.malwarebytes.com/threat-analysis/2020/03/apt36-jumps-on-the-coronavirus-bandwagon-delivers-crimson-rat/


4.FireEyeÐû²¼2017µ½2019ÄêÀÕË÷Èí¼þ°²ÅÅÇ÷ÊÆ±¨¸æ


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨



FireEye MandiantµÄÑо¿Ö°Ô±¶Ô2017Äêµ½2019ÄêµÄÀÕË÷Èí¼þ¹¥»÷Êý¾Ý¾ÙÐÐÁË»ØÊ×£¬£¬£¬£¬ÒÔʶ±ð³ö³õʼÈëÇÖǰÑÔ¡¢¹¥»÷ÕßÔÚÊÜÑ¬È¾ÍøÂçÉÏµÄÆ½¾ùפÁôʱ¼äÒÔ¼°¹¥»÷Õßͨ³£ÇãÏòÓÚ°²ÅÅÀÕË÷Èí¼þµÄʱ¼äµÈÅäºÏÌØÕ÷ ¡£¡£¡£¡£¡£¡£ËûÃǵÄÑо¿Åú×¢£¬£¬£¬£¬ÔÚ´ó´ó¶¼ÊÂÎñÖУ¬£¬£¬£¬¹¥»÷Õß½øÈëÍøÂçºóÖÁÉÙÆÚ´ýÈýÌì¼´¿Éʶ±ðÒªº¦ÏµÍ³²¢×÷ΪÀÕË÷Èí¼þ¹¥»÷µÄÄ¿µÄ ¡£¡£¡£¡£¡£¡£ÔÚ´ó´ó¶¼£¨75£¥£©µÄ°¸ÀýÖУ¬£¬£¬£¬´ÓµÚÒ»Åú¶ñÒâ»î¶¯µ½°²ÅÅÀÕË÷Èí¼þÖ®¼äÖÁÉÙ¾­ÓÉÁËÈýÌ죬£¬£¬£¬ÕâÒâζ×ÅÈôÊÇÊܺ¦Õß×éÖ¯Äܹ»×㹻ѸËٵط¢Ã÷³õʼ»î¶¯£¬£¬£¬£¬ËûÃǾÍÓÐʱ»ú×èÖ¹¹¥»÷ ¡£¡£¡£¡£¡£¡£Ñо¿»¹ÏÔʾ£¬£¬£¬£¬ÔÚËÄ·ÖÖ®ÈýÒÔÉÏ£¨76£¥£©µÄÊÂÎñÖУ¬£¬£¬£¬¹¥»÷Õß°²ÅÅÀÕË÷Èí¼þµÄʱ¼äÊÇÔÚÕý³£°ì¹«Ê±¼äÖ®Í⣨27%ÊÇÔÚÖÜÄ©£¬£¬£¬£¬49%ÊÇÔÚÊÂÇéÈÕµÄÉÏÎç8µã֮ǰ»òÏÂÖç6µãÖ®ºó£©£¬£¬£¬£¬ÕâÒ»Ç÷ÊÆÍ¹ÏÔÁËÓ¦¼±ÍýÏëµÄÐëÒªÐÔ ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.fireeye.com/blog/threat-research/2020/03/they-come-in-the-night-ransomware-deployment-trends.html


5.½ðÈÚ¹«Ë¾AdvantageºÍArgusÔÆÊý¾Ý¿âй¶425GBÊý¾Ý


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


vpnMentorÑо¿Ö°Ô±·¢Ã÷Ò»¸öÊôÓÚ½ðÈÚ¹«Ë¾Advantage Capital FundingºÍArgus Capital FundingµÄ¿É¹ûÕæ»á¼ûµÄÊý¾Ý¿âй¶ÁË425GBÃô¸ÐÎļþ ¡£¡£¡£¡£¡£¡£¸ÃÊý¾Ý¿âÓëÕâÁ½¸ö¹«Ë¾¿ª·¢µÄMCA WizardÓ¦ÓÃÓйأ¬£¬£¬£¬¸ÃÓ¦ÓÃÏÖÔÚÒѲ»ÔÙÔÚ¹Ù·½Ó¦ÓÃÊÐËÁÖÐÌṩ ¡£¡£¡£¡£¡£¡£vpnMentorÊ×´ÎÔÚ2019Äê12Ô·¢Ã÷Á˸ÃÊý¾Ý¿â£¬£¬£¬£¬Êý¾Ý¿âÖаüÀ¨À´×ÔAdvantageºÍArgusµÄ˽ÈËÖ´·¨ºÍ²ÆÎñÎļþ£¬£¬£¬£¬°üÀ¨ÐÅÓñ¨¸æ¡¢ÒøÐжÔÕʵ¥¡¢ÌõÔ¼¡¢Ö´·¨Îļþ¡¢¼ÝʻִÕÕ¸±±¾¡¢¹ºÖö©µ¥ºÍÊÕÌõ¡¢ÄÉ˰É걨±í¡¢Éç»á°ü¹ÜÐÅÏ¢ÒÔ¼°ÉúÒⱨ¸æ ¡£¡£¡£¡£¡£¡£ÕâЩ¼Í¼²»µ«ÓëAdvantageºÍArgusÓйأ¬£¬£¬£¬»¹Ó°ÏìÁËËûÃǵĿͻ§¡¢³Ð°üÉÌ¡¢Ô±¹¤ºÍÏàÖúͬ°é ¡£¡£¡£¡£¡£¡£vpnMentorʵÑéÓëAdvantageºÍArgusÁªÏµ£¬£¬£¬£¬µ«²¢Î´»ñµÃ»Ø¸´£¬£¬£¬£¬Ñо¿Ö°Ô±×îÖÕÖ±½ÓÓëAWSÁªÏµ£¬£¬£¬£¬¸ÃÊý¾Ý¿âÓÚ2020Äê1ÔÂ9ÈÕ¹Ø±Õ ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/financial-apps-leak-425gb-in-company-data-through-open-database/


6.ÃÀ¹úÒÁÀûŵÒÁÖÝ´óѧй¶1700¶àÃûÔ±¹¤Êý¾Ý


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨


ÃÀ¹úÒÁÀûŵÒÁÖݶÅÅåÆæÑ§Ôº¹ÙԱ֤ʵ¸Ã´óѧÔâÓöÊý¾Ýй¶ÊÂÎñ£¬£¬£¬£¬ÊÜÓ°ÏìµÄÈ˰üÀ¨1755ÃûÏÖÈκÍǰ¹ÍÔ± ¡£¡£¡£¡£¡£¡£¸Ã´óѧУ³¤²¼À³¶÷¡¤¿¨ÆÕÍУ¨Brian Caputo£©ÌåÏÖ£¬£¬£¬£¬Ô±¹¤µÄСÎÒ˽¼ÒºÍ˰ÎñÐÅÏ¢¶¼±»Éæ¼°£¬£¬£¬£¬µ«·¸·¨·Ö×Ó»ñÈ¡»ò½«ÕâЩÐÅÏ¢ÓÃÓÚڲƭĿµÄµÄ¿ÉÄÜÐÔºÜС ¡£¡£¡£¡£¡£¡£¸Ã´óѧ»¹Ãâ·ÑΪÊÜÓ°ÏìµÄ¹ÍÔ±ÌṩÐÅÓÃ¼à¿ØºÍÉí·Ý±£»£» £»£»£»£»¤Ð§ÀÍ ¡£¡£¡£¡£¡£¡£¹ØÓÚй¶ÊÇÔõÑù±¬·¢µÄÊÓ²ìÉÐÎÞ¶¨ÂÛ£¬£¬£¬£¬¸Ã´óѧҲûÓÐ˵Ã÷ÊÂÎñ±¬·¢µÄʱ¼äºÍÃô¸ÐÊý¾ÝÔõÑùй¶µÄϸ½Ú ¡£¡£¡£¡£¡£¡£


Ô­ÎÄÁ´½Ó£º

https://www.infosecurity-magazine.com/news/illinois-college-suffers-data/