Mimecast³ÆSolarWindsºÚ¿ÍÒÑÇÔÈ¡Æä²¿·ÖÔ´´úÂ룻£»£»ÎÖ´ï·áÎ÷°àÑÀ·Ö¹«Ë¾Î¥·´GDPR±»·£¿£¿£¿£¿£¿£¿î½üÍòÍòÃÀÔª
Ðû²¼Ê±¼ä 2021-03-181.Mimecast³ÆSolarWindsºÚ¿ÍÒÑÇÔÈ¡Æä²¿·ÖÔ´´úÂë
µç×ÓÓʼþÇå¾²¹«Ë¾Mimecast³ÆSolarWinds±³ºóµÄºÚ¿ÍÒÑÇÔÈ¡Æä²¿·ÖÔ´´úÂë¡£¡£¡£¡£¡£¡£ÔçÔÚ2020Äê1Ô£¬£¬£¬Mimecast·¢Ã÷ÆäÔâµ½¹¥»÷µ¼ÖÂMicrosoft 365 SSLÖ¤Êéй¶£¬£¬£¬Ó°ÏìÁËÔ¼10%µÄÓû§¡£¡£¡£¡£¡£¡£3ÔÂ16ÈÕ£¬£¬£¬¸Ã¹«Ë¾Ðû²¼ÉùÃ÷³ÆºÚ¿Í»¹ÇÔÈ¡ÁËÓʼþµØµãºÍƾ֤µÈÐÅÏ¢£¬£¬£¬ÒÔ¼°²¿·ÖÔ´´úÂë¡£¡£¡£¡£¡£¡£¿ÉÊǺڿͲ¢Î´¶ÔÔ´´úÂë¾ÙÐÐÈκÎÐ޸쬣¬£¬²¢ÇÒÓÉÓÚÆäÇÔÈ¡µÄÔ´´úÂë²»ÍêÕû£¬£¬£¬¿ÉÄÜÎÞ·¨¿ª·¢³öMimecastЧÀ͵ÄÈκÎ×é¼þ¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/mimecast-solarwinds-hackers-stole-some-of-our-source-code/
2.Descartes AljexÒòAWS S3ÉèÖùýʧй¶103GBÊý¾Ý
Website Planet·¢Ã÷ÔËÊäÖÎÀíÈí¼þDescartes AljexÒòAWS S3´æ´¢Í°ÉèÖùýʧй¶ÁË103 GBÊý¾Ý¡£¡£¡£¡£¡£¡£´Ë´ÎÊÂÎñÓ°ÏìÁ˸ù«Ë¾µÄ¿Í»§¡¢Ô±¹¤¡¢ÏúÊÛ´ú±íÒÔ¼°ÎªµÚÈý·½Ô±¹¤£¬£¬£¬Ð¹Â¶ÁËÐÕÃû¡¢µç»°ºÅÂ룬£¬£¬µç×ÓÓʼþµØµã£¬£¬£¬AljexÓû§ÃûºÍ´¿Îı¾ÃÜÂëµÈСÎÒ˽¼ÒÐÅÏ¢£¬£¬£¬ºÍÊÕ¼þÈËÐÕÃû¡¢»õ¼þÆðÔ˵غÍÄ¿µÄµØ¡¢µØµãºÍµç»°ºÅÂëµÈ»õ¼þÐÅÏ¢¡£¡£¡£¡£¡£¡£Website PlanetÓÚ2020Äê12ÔÂ24ÈÕ·¢Ã÷¸ÃÎÊÌ⣬£¬£¬ÏÖÔڸô洢ͰÒѾ±»±£»£»£»¤ÆðÀ´¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.hackread.com/shipping-management-software-firm-data-online/
3.Sucuri·¢Ã÷ʹÓÃJPGÒþ²ØÐÅÓÿ¨Êý¾ÝµÄMagecart¹¥»÷»î¶¯
ÍøÕ¾Çå¾²¹«Ë¾SucuriµÄÑо¿Ö°Ô±ÔÚ¶ÔÊÜѬȾµÄMagento 2µç×ÓÉÌÎñÍøÕ¾¾ÙÐÐÊÓ²ìʱ£¬£¬£¬·¢Ã÷Magecart¹¥»÷ÕßʹÓÃJPGÒþ²ØÐÅÓÿ¨Êý¾Ý¡£¡£¡£¡£¡£¡£Magecart¹¥»÷ʼÓÚ¼¸Äêǰ£¬£¬£¬ºÚ¿ÍʹÓöñÒâ´úÂëÔÚÓû§½áÕÊʱÇÔÈ¡ÆäÐÅÓÿ¨Êý¾Ý¡£¡£¡£¡£¡£¡£Ôڴ˴εķ¢Ã÷µÄ¹¥»÷»î¶¯ÖУ¬£¬£¬ºÚ¿Í²¢Ã»ÓÐÁ¬Ã¦½«Êý¾Ý·¢Ë͵½ËûÃǵÄЧÀÍÆ÷£¬£¬£¬¶øÊǽ«ÆäÒþ²ØÔÚÊÜѬȾµÄÍøÕ¾µÄJPGͼÏñÖУ¬£¬£¬´Ó¶øïÔÌ¿ÉÒÉÁ÷Á¿£¬£¬£¬ÒÔÈÆ¹ýɱ¶¾Èí¼þµÄ¼ì²â¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://securityaffairs.co/wordpress/115655/hacking/magecart-credit-card-jpg.html
4.°ÍÈûÂÞÄÇÒÉËÆÔâµ½ÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬µ¼ÖÂÊÐÕþϵͳ̱»¾
°ÍÈûÂÞÄÇ£¨AMB£©ÒÉËÆÔâµ½ÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬ÆäÊý×ÖЧÀͱ»ÆÈÔÝÍ£¡£¡£¡£¡£¡£¡£¸ÃÊÐÓÚ3ÔÂ10ÈÕ¼ì²âµ½´Ë´Î¹¥»÷£¬£¬£¬ÎªÁ˱ÜÃâ¶ñÒâÈí¼þµÄÈö²¥£¬£¬£¬¸ÃÊÐÖÐÖ¹ÁËÊÐÕþϵͳ£¬£¬£¬°üÀ¨µç»°Ð§ÀÍ¡¢ÆäËûÊý×ÖЧÀͺÍÍøÕ¾¡£¡£¡£¡£¡£¡£AMB½²»°ÈËÌåÏÖ£¬£¬£¬´Ë´Î¹¥»÷»î¶¯ÓëSEPEÉÏÖÜÔâÊܵĹ¥»÷ÓÐËù²î±ð£¬£¬£¬µ«ºÜÊÇÏàËÆ¡£¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬¸ÃÊÂÎñÈÔÔÚÊÓ²ìÖС£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.muyseguridad.net/2021/03/16/area-metropolitana-de-barcelona/amp/
5.ÎÖ´ï·áÎ÷°àÑÀ·Ö¹«Ë¾Î¥·´GDPR±»·£¿£¿£¿£¿£¿£¿î½üÍòÍòÃÀÔª
µçÐŹ«Ë¾ÎÖ´ï·áÎ÷°àÑÀ·Ö¹«Ë¾ÒòÎ¥·´GDPR±»·£¿£¿£¿£¿£¿£¿î½üÍòÍòÃÀÔª¡£¡£¡£¡£¡£¡£¸Ã¹«Ë¾ÒòʹÓò»Êʵ±µÄµç»°ÏúÊÛÕ½ÂÔÒÔ¼°Î´Äܱ£»£»£»¤Êý¾Ý¶øµ¼ÖÂÁË4Ïî·£¿£¿£¿£¿£¿£¿î£¬£¬£¬¹²¼Æ972ÍòÃÀÔª¡£¡£¡£¡£¡£¡£ ǰÁ½Ïî·£¿£¿£¿£¿£¿£¿îÓ롶ͨÓÃÊý¾Ý±£»£»£»¤ÌõÀý¡·£¨GDPR£©Óйأ¬£¬£¬×ܼÆ716ÍòÃÀÔª¡£¡£¡£¡£¡£¡£µÚÈýÏî·£¿£¿£¿£¿£¿£¿îÓëÎ÷°àÑÀÊý×Ö°æÈ¨ºÍµçÐŵÄÖ´·¨ÒÔ¼°GDPRÓйأ¬£¬£¬Îª239ÍòÃÀÔª¡£¡£¡£¡£¡£¡£µÚËÄÏî·£¿£¿£¿£¿£¿£¿îÉæ¼°Î÷°àÑÀCookieµÄÖ´·¨£¬£¬£¬Îª17.9ÍòÃÀÔª¡£¡£¡£¡£¡£¡£´Ó2018Äê1Ôµ½2020Äê2Ô£¬£¬£¬ÎÖ´ï·áÎ÷°àÑÀ·Ö¹«Ë¾Òѱ»ÖÒÑÔ»ò·£¿£¿£¿£¿£¿£¿î50¶à´Î¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.infosecurity-magazine.com/news/aepd-issues-highest-ever-fine/
6.CISAºÍFBIÁªºÏÐû²¼¹ØÓÚTrickBot¶ñÒâÈí¼þµÄÇå¾²×Éѯ
CISAºÍÁª°îÊÓ²ì¾Ö£¨FBI£©Ðû²¼ÁËÓйØTrickBot¶ñÒâÈí¼þµÄÁªºÏÍøÂçÇå¾²×Éѯ£¨CSA£©¡£¡£¡£¡£¡£¡£¸Ã×ÉѯÏÈÈÝÁËTrickBotµÄÊÖÒÕϸ½Ú¡¢MITRE ATT&CK Techniques¡¢Õì̽Êý¾ÝÒÔ¼°»º½â²½·¥¡£¡£¡£¡£¡£¡£TrickBotÊÇÒ»Öָ߼¶Ä¾Âí£¬£¬£¬Í¨¹ýÓã²æÊ½´¹Âڻ£¬£¬£¬Ê¹ÓðüÀ¨¶ñÒ⸽¼þ»òÁ´½ÓµÄÌØÖÆµç×ÓÓʼþÀ´Èö²¥¡£¡£¡£¡£¡£¡£¸ÃÇå¾²×Éѯ½¨Òé×éÖ¯×èÖ¹¿ÉÒɵÄInternetÐÒ鵨µã¡¢Ê¹ÓÃɱ¶¾Èí¼þÒÔ¼°ÎªÔ±¹¤ÌṩÉç»á¹¤³ÌºÍÍøÂç´¹ÂÚÅàѵµÈ·½·¨À´Ìá·À´ËÀ๥»÷¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://us-cert.cisa.gov/ncas/current-activity/2021/03/17/cisa-fbi-joint-advisory-trickbot-malware-0