Kaseya security update fixes the 0day used by REvil in its supply-chain attack; new malware BIOPASS uses the live-streaming app OBS to record targets' screens

Published: 2021-07-13
1. Kaseya security update fixes the 0day used by REvil in its supply-chain attack


Kaseya has released a security update that fixes the 0day vulnerabilities REvil used in its supply-chain attack. In April, the Dutch Institute for Vulnerability Disclosure (DIVD) disclosed 7 Kaseya vulnerabilities. Kaseya subsequently released patches for most of them on its VSA SaaS service, but had not yet finished patching the on-premises version of VSA. The REvil gang got there first, using these vulnerabilities on July 2 to launch a large-scale attack against about 60 MSPs and 1,500 business customers. Kaseya has now released the VSA 9.5.7a (9.5.7.2994) update to fix the vulnerabilities REvil used, including CVE-2021-30116, CVE-2021-30119 and CVE-2021-30120, among others.


Original link:

https://www.bleepingcomputer.com/news/security/kaseya-patches-vsa-vulnerabilities-used-in-revil-ransomware-attack/


2. New malware BIOPASS uses the live-streaming app OBS to record targets' screens


Security firm Trend Micro has discovered a new malware, BIOPASS, that uses the live-streaming application OBS to record the screen of the target computer. BIOPASS is a remote access trojan (RAT) written in Python. It was found in recent attacks against online gambling companies, hidden inside legitimate installers for Adobe Flash Player or Microsoft Silverlight. BIOPASS RAT has the basic features found in other malware, but it also has one new feature: it installs OBS Studio on the target system and uses that software's RTMP (Real-Time Messaging Protocol) streaming capability to record the user's screen and broadcast it to the attacker's control panel.


Original link:

https://therecord.media/malware-abuses-obs-live-streaming-software-to-record-victims-screens/


3. US Bank of Oak Ridge notifies customers that personal information was exposed in a cyberattack


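The US Bank of Oak Ridge notified its customers on Friday, July 9 that their personal information had been exposed in a cyberattack. The bank said it had suffered a cyberattack that temporarily interrupted some of its services, and that an investigation found an unauthorized attacker had also accessed its systems. The attack took place on April 26 and April 27. Information belonging to long-standing customers who opened accounts before September 30, 2009 may have been exposed, including Social Security numbers, bank account numbers, dates of birth and driver's license numbers.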


Original link:

https://www.rhinotimes.com/featured-article/hackers-steal-critical-customer-data-from-bank-of-oak-ridge/


4. CISA warns of an exploited RCE vulnerability in ForgeRock Access Management


CISA warns that attackers are actively exploiting a remote code execution vulnerability (CVE-2021-35464) in ForgeRock Access Management (AM). ForgeRock Access Management is a commercial open access management solution based on the open-source access management solution OpenAM. An attacker who exploits this vulnerability can execute commands on the current user's system. It affects AM versions 6.0.0.x, 6.5.0.x, 6.5.1, 6.5.2.x and 6.5.3. The company has now released mitigations for the vulnerability.


Original link:

https://us-cert.cisa.gov/ncas/current-activity/2021/07/12/critical-forgerock-access-management-vulnerability


5. Security Compass releases its 2021 state of threat modeling report


Security Compass has released its analysis report on the state of threat modeling in 2021. The report aims to understand the current state of threat modeling and the challenges large enterprises face when building and deploying applications. It notes that only 25% of respondents said their organization performs threat modeling during the early requirements-gathering and design phases of software development, and fewer than 10% of respondents said they threat-model more than 90% of their applications. However, because of COVID-19, more than 80% of organizations have had to change their cybersecurity measures.


Original link:

https://resources.securitycompass.com/research/2021-state-of-threatmodeling


6. BetterCloud releases its 2021 file security risk analysis report


BetterCloud has released its 2021 file security risk analysis report. The report surveyed more than 500 IT and security professionals to understand SaaS file security today. It notes that nearly half of organizations said their top security concern is not knowing where sensitive data is located; more than 70% of organizations said the biggest data-leak risk is employees; and only 35% of respondents trust end users to share and store company data responsibly. In addition, as global business recovered in 2021, file security incidents surged by 134%.


Original link:

https://www.bettercloud.com/monitor/file-security-report-2021/