Intel CPUÒ×ÊÜÐÂSnoop¹¥»÷£¬£¬£¬£¬¿Éй¶»º´æÊý¾Ý£»£»£»£»£»£»½ðÈÚ¹«Ë¾ÔÆÊý¾Ý¿âй¶425GBÊý¾Ý
Ðû²¼Ê±¼ä 2020-03-181.Ç÷ÊÆ¿Æ¼¼ÐÞ¸´ÆóÒµÇå¾²²úÆ·ÖеÄÁ½¸ö0day£¬£¬£¬£¬Òѱ»Ê¹ÓÃ
±¾ÖÜÒ»Ç÷ÊÆ¿Æ¼¼Ðû²¼Çå¾²¸üУ¬£¬£¬£¬ÐÞ¸´ÁËÁ½¸öÒÑÔÚÒ°ÍâʹÓõÄ0dayºÍÁíÍâ3¸öÑÏÖØÎó²î¡£¡£¡£¡£¡£¡£ÕâÁ½¸ö0dayÓ°ÏìÁ˸ù«Ë¾µÄÆóÒµÇå¾²²úÆ·Apex OneºÍOfficeScan XG£¬£¬£¬£¬Ç÷ÊÆ¿Æ¼¼ÉÐδÐû²¼Óë¹¥»÷ÓйصÄÈκÎÏêϸÐÅÏ¢¡£¡£¡£¡£¡£¡£ÕâÁ½¸ö0day»®·ÖΪ£ºCVE-2020-8467£¬£¬£¬£¬CVSS 9.1£¬£¬£¬£¬Apex OneºÍOfficeScanµÄǨá㹤¾ß×é¼þÖеÄÎó²î£¬£¬£¬£¬¿Éµ¼ÖÂRCE£¬£¬£¬£¬¹¥»÷ÐèÒªÓû§Éí·ÝÈÏÖ¤£»£»£»£»£»£»CVE-2020-8468£¬£¬£¬£¬CVSS 8.0£¬£¬£¬£¬Apex OneºÍOfficeScanÊðÀíÊܵ½ÄÚÈÝÑé֤תÒåÎó²îµÄÓ°Ï죬£¬£¬£¬¿ÉÔÊÐí¹¥»÷ÕßʹÓÃijЩÊðÀí¿Í»§¶Ë×é¼þ£¬£¬£¬£¬¹¥»÷ÐèÒªÓû§Éí·ÝÈÏÖ¤¡£¡£¡£¡£¡£¡£±ðµÄ£¬£¬£¬£¬Ç÷ÊÆ¿Æ¼¼»¹ÐÞ¸´ÁËÈý¸öCVSSµÃ·ÖΪ10·ÖµÄÑÏÖØÎó²î£¬£¬£¬£¬°üÀ¨CVE-2020-8470¡¢CVE-2020-8598ºÍCVE-2020-8599£¬£¬£¬£¬ÕâÈý¸öÎó²î¿ÉÔÊÐí¹¥»÷ÕßÒÔSYSTEMȨÏÞɾ³ýÈκÎÎļþ¡¢Ö´ÐÐí§Òâ´úÂë»òÔÚí§Òâ·¾¶ÏÂдÈëí§ÒâÊý¾Ý²¢ÈƹýRootµÇ¼£¬£¬£¬£¬Ê¹ÓÃÕâÈý¸öÎó²î¾ù²»ÐèÒªÉí·ÝÑéÖ¤¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/two-trend-micro-zero-days-exploited-in-the-wild-by-hackers/
2.Intel CPUÒ×ÊÜÐÂSnoop¹¥»÷£¬£¬£¬£¬¿Éй¶»º´æÊý¾Ý
Intel CPUÈÝÒ×Êܵ½Ðµġ°Snoop¡±¹¥»÷Ó°Ï죬£¬£¬£¬¸Ã¹¥»÷¿ÉÄÜ»á×ß©CPUÄÚ²¿´æ´¢Æ÷£¨»º´æ£©ÖеÄÊý¾Ý¡£¡£¡£¡£¡£¡£IntelÌåÏÖ2018Äê8ÔÂÕë¶ÔForeshadow£¨L1TF£©Îó²îÐû²¼µÄ²¹¶¡Ò²ÊÊÓÃÓÚ´Ëй¥»÷¡£¡£¡£¡£¡£¡£AWSÈí¼þ¹¤³ÌʦPawel Wieczorkiewicz·¢Ã÷²¢±¨¸æÁ˴˹¥»÷ÒªÁ죬£¬£¬£¬¸Ã¹¥»÷±»ÐÎòΪ¡°Snoop¸¨ÖúL1Êý¾ÝÊÕÂÞ¡±£¬£¬£¬£¬»òÖ»ÊÇ¡°Snoop¡±£¨CVE-2020-0550£©¡£¡£¡£¡£¡£¡£ÔÚÊÖÒÕ²ãÃæÉÏ£¬£¬£¬£¬ÐµÄSnoop¹¥»÷ʹÓÃÁ˶༶»º´æ¡¢»º´æÒ»ÖÂÐÔºÍ×ÜÏß¼àÌýµÈCPU»úÖÆ¡£¡£¡£¡£¡£¡£IntelÁгöÁËÒ×Êܹ¥»÷µÄCPUÁÐ±í£¬£¬£¬£¬¸ÃÁбíÖаüÀ¨CoreºÍXeon´¦Öóͷ£Æ÷µÈ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/intel-cpus-vulnerable-to-new-snoop-attack/
3.APT36ʹÓÃйڲ¡¶¾Ö÷ÌâÈö²¥Crimson RAT
Ëæ×ÅÈ«Çòйڲ¡¶¾µÄ±¬·¢£¬£¬£¬£¬Ô½À´Ô½¶àµÄ¹¥»÷ÕßʹÓÃÈËÃǵĿ־åÀ´É¢²¼¹ýʧµÄÐÅÏ¢ºÍÌᳫڲƼ°¶ñÒâÈí¼þ¹¥»÷¡£¡£¡£¡£¡£¡£APT36Ò²ÓöÉÏÁËÕâÒ»³±Á÷£¬£¬£¬£¬×î½üMalwarebytes LabsµÄRed DripÍŶӱ¨¸æ³ÆAPT36ÕýÔÚʹÓÿµ½¡×ÉѯÓÕ¶üÎĵµÀ´Èö²¥Crimson RAT¡£¡£¡£¡£¡£¡£APT36±»ÒÔΪÊǰͻù˹̹Õþ¸®×ÊÖúµÄ¹¥»÷Õߣ¬£¬£¬£¬ËüÖ÷ÒªÕë¶ÔÓ¡¶ÈµÄ¹ú·À²¿¡¢Ê¹¹ÝºÍÕþ¸®»ú¹¹¡£¡£¡£¡£¡£¡£¸Ã×éÖ¯×Ô2016ÄêÆð»îÔ¾£¬£¬£¬£¬ÆäÍøÂçÌØ¹¤»î¶¯µÄÄ¿µÄÊÇ´ÓÓ¡¶ÈÍøÂçÓë°Í»ù˹̹¾üʺÍÍâ½»ÀûÒæÓйصÄÃô¸ÐÐÅÏ¢¡£¡£¡£¡£¡£¡£Crimson RATͨ¹ý.Net±àд£¬£¬£¬£¬Æä¹¦Ð§°üÀ¨ÇÔÈ¡ä¯ÀÀÆ÷ƾ֤¡¢Ã¶¾ÙÀú³ÌºÍ´ÅÅÌÇý¶¯Æ÷Ŀ¼¡¢ÎüÊÕC&CÎļþ¡¢Ê¹ÓÃ×Ô½ç˵µÄTCPÐÒé¾ÙÐÐC£¦CͨѶ¡¢ÆÁÄ»½ØÍ¼µÈ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://blog.malwarebytes.com/threat-analysis/2020/03/apt36-jumps-on-the-coronavirus-bandwagon-delivers-crimson-rat/
4.FireEyeÐû²¼2017µ½2019ÄêÀÕË÷Èí¼þ°²ÅÅÇ÷ÊÆ±¨¸æ
FireEye MandiantµÄÑо¿Ö°Ô±¶Ô2017Äêµ½2019ÄêµÄÀÕË÷Èí¼þ¹¥»÷Êý¾Ý¾ÙÐÐÁË»ØÊ×£¬£¬£¬£¬ÒÔʶ±ð³ö³õʼÈëÇÖǰÑÔ¡¢¹¥»÷ÕßÔÚÊÜÑ¬È¾ÍøÂçÉÏµÄÆ½¾ùפÁôʱ¼äÒÔ¼°¹¥»÷Õßͨ³£ÇãÏòÓÚ°²ÅÅÀÕË÷Èí¼þµÄʱ¼äµÈÅäºÏÌØÕ÷¡£¡£¡£¡£¡£¡£ËûÃǵÄÑо¿Åú×¢£¬£¬£¬£¬ÔÚ´ó´ó¶¼ÊÂÎñÖУ¬£¬£¬£¬¹¥»÷Õß½øÈëÍøÂçºóÖÁÉÙÆÚ´ýÈýÌì¼´¿Éʶ±ðÒªº¦ÏµÍ³²¢×÷ΪÀÕË÷Èí¼þ¹¥»÷µÄÄ¿µÄ¡£¡£¡£¡£¡£¡£ÔÚ´ó´ó¶¼£¨75£¥£©µÄ°¸ÀýÖУ¬£¬£¬£¬´ÓµÚÒ»Åú¶ñÒâ»î¶¯µ½°²ÅÅÀÕË÷Èí¼þÖ®¼äÖÁÉÙ¾ÓÉÁËÈýÌ죬£¬£¬£¬ÕâÒâζ×ÅÈôÊÇÊܺ¦Õß×éÖ¯Äܹ»×㹻ѸËٵط¢Ã÷³õʼ»î¶¯£¬£¬£¬£¬ËûÃǾÍÓÐʱ»ú×èÖ¹¹¥»÷¡£¡£¡£¡£¡£¡£Ñо¿»¹ÏÔʾ£¬£¬£¬£¬ÔÚËÄ·ÖÖ®ÈýÒÔÉÏ£¨76£¥£©µÄÊÂÎñÖУ¬£¬£¬£¬¹¥»÷Õß°²ÅÅÀÕË÷Èí¼þµÄʱ¼äÊÇÔÚÕý³£°ì¹«Ê±¼äÖ®Í⣨27%ÊÇÔÚÖÜÄ©£¬£¬£¬£¬49%ÊÇÔÚÊÂÇéÈÕµÄÉÏÎç8µã֮ǰ»òÏÂÖç6µãÖ®ºó£©£¬£¬£¬£¬ÕâÒ»Ç÷ÊÆÍ¹ÏÔÁËÓ¦¼±ÍýÏëµÄÐëÒªÐÔ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.fireeye.com/blog/threat-research/2020/03/they-come-in-the-night-ransomware-deployment-trends.html
5.½ðÈÚ¹«Ë¾AdvantageºÍArgusÔÆÊý¾Ý¿âй¶425GBÊý¾Ý
vpnMentorÑо¿Ö°Ô±·¢Ã÷Ò»¸öÊôÓÚ½ðÈÚ¹«Ë¾Advantage Capital FundingºÍArgus Capital FundingµÄ¿É¹ûÕæ»á¼ûµÄÊý¾Ý¿âй¶ÁË425GBÃô¸ÐÎļþ¡£¡£¡£¡£¡£¡£¸ÃÊý¾Ý¿âÓëÕâÁ½¸ö¹«Ë¾¿ª·¢µÄMCA WizardÓ¦ÓÃÓйأ¬£¬£¬£¬¸ÃÓ¦ÓÃÏÖÔÚÒѲ»ÔÙÔÚ¹Ù·½Ó¦ÓÃÊÐËÁÖÐÌṩ¡£¡£¡£¡£¡£¡£vpnMentorÊ×´ÎÔÚ2019Äê12Ô·¢Ã÷Á˸ÃÊý¾Ý¿â£¬£¬£¬£¬Êý¾Ý¿âÖаüÀ¨À´×ÔAdvantageºÍArgusµÄ˽ÈËÖ´·¨ºÍ²ÆÎñÎļþ£¬£¬£¬£¬°üÀ¨ÐÅÓñ¨¸æ¡¢ÒøÐжÔÕʵ¥¡¢ÌõÔ¼¡¢Ö´·¨Îļþ¡¢¼ÝʻִÕÕ¸±±¾¡¢¹ºÖö©µ¥ºÍÊÕÌõ¡¢ÄÉ˰É걨±í¡¢Éç»á°ü¹ÜÐÅÏ¢ÒÔ¼°ÉúÒⱨ¸æ¡£¡£¡£¡£¡£¡£ÕâЩ¼Í¼²»µ«ÓëAdvantageºÍArgusÓйأ¬£¬£¬£¬»¹Ó°ÏìÁËËûÃǵĿͻ§¡¢³Ð°üÉÌ¡¢Ô±¹¤ºÍÏàÖúͬ°é¡£¡£¡£¡£¡£¡£vpnMentorʵÑéÓëAdvantageºÍArgusÁªÏµ£¬£¬£¬£¬µ«²¢Î´»ñµÃ»Ø¸´£¬£¬£¬£¬Ñо¿Ö°Ô±×îÖÕÖ±½ÓÓëAWSÁªÏµ£¬£¬£¬£¬¸ÃÊý¾Ý¿âÓÚ2020Äê1ÔÂ9Èչرա£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.zdnet.com/article/financial-apps-leak-425gb-in-company-data-through-open-database/
6.ÃÀ¹úÒÁÀûŵÒÁÖÝ´óѧй¶1700¶àÃûÔ±¹¤Êý¾Ý
ÃÀ¹úÒÁÀûŵÒÁÖݶÅÅåÆæÑ§Ôº¹ÙԱ֤ʵ¸Ã´óѧÔâÓöÊý¾Ýй¶ÊÂÎñ£¬£¬£¬£¬ÊÜÓ°ÏìµÄÈ˰üÀ¨1755ÃûÏÖÈκÍǰ¹ÍÔ±¡£¡£¡£¡£¡£¡£¸Ã´óѧУ³¤²¼À³¶÷¡¤¿¨ÆÕÍУ¨Brian Caputo£©ÌåÏÖ£¬£¬£¬£¬Ô±¹¤µÄСÎÒ˽¼ÒºÍ˰ÎñÐÅÏ¢¶¼±»Éæ¼°£¬£¬£¬£¬µ«·¸·¨·Ö×Ó»ñÈ¡»ò½«ÕâЩÐÅÏ¢ÓÃÓÚÚ²ÆÄ¿µÄµÄ¿ÉÄÜÐÔºÜС¡£¡£¡£¡£¡£¡£¸Ã´óѧ»¹Ãâ·ÑΪÊÜÓ°ÏìµÄ¹ÍÔ±ÌṩÐÅÓÃ¼à¿ØºÍÉí·Ý±£»£»£»£»£»£»¤Ð§ÀÍ¡£¡£¡£¡£¡£¡£¹ØÓÚй¶ÊÇÔõÑù±¬·¢µÄÊÓ²ìÉÐÎÞ¶¨ÂÛ£¬£¬£¬£¬¸Ã´óѧҲûÓÐ˵Ã÷ÊÂÎñ±¬·¢µÄʱ¼äºÍÃô¸ÐÊý¾ÝÔõÑùй¶µÄϸ½Ú¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.infosecurity-magazine.com/news/illinois-college-suffers-data/