KaseyaÇå¾²¸üÐÂÐÞ¸´REvilÔÚ¹©Ó¦Á´¹¥»÷ÖÐÓõÄ0day£»£»£»£»£»£»Ð¶ñÒâÈí¼þBIOPASSʹÓÃÖ±²¥Ó¦ÓÃOBSÂ¼ÖÆÄ¿µÄµÄÆÁÄ»
Ðû²¼Ê±¼ä 2021-07-13KaseyaÐû²¼Çå¾²¸üУ¬£¬£¬£¬£¬£¬ÐÞ¸´REvilÔÚ¹©Ó¦Á´¹¥»÷ÖÐÓõÄ0day¡£¡£¡£¡£¡£¡£¡£4Ô£¬£¬£¬£¬£¬£¬ºÉÀ¼Îó²îÅû¶Ñо¿Ëù (DIVD)Åû¶ÁËKaseyaµÄ7¸öÎó²î¡£¡£¡£¡£¡£¡£¡£Ö®ºó£¬£¬£¬£¬£¬£¬Kaseya¶ÔÆäVSA SaaSЧÀÍÉϵĴ󲿷ÖÎó²îÐû²¼Á˲¹¶¡£¬£¬£¬£¬£¬£¬µ«ÉÐδÍê³ÉÄÚ²¿°æ±¾VSAµÄ²¹¶¡¡£¡£¡£¡£¡£¡£¡£¶øREvilÍÅ»ïÏÈÒ»²½Ê¹ÓÃÁËÕâЩÎó²î£¬£¬£¬£¬£¬£¬ÓÚ7ÔÂ2ÈÕ¶ÔԼĪ60¸öMSPºÍ1500¼ÒÆóÒµ¿Í»§ÌᳫÁË´ó¹æÄ£¹¥»÷¡£¡£¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬£¬£¬£¬KaseyaÐû²¼ÁËVSA 9.5.7a (9.5.7.2994) ¸üÐÂÒÔÐÞ¸´REvilʹÓõÄÎó²î£¬£¬£¬£¬£¬£¬°üÀ¨CVE-2021-30116¡¢CVE-2021-30119ºÍCVE-2021-30120µÈ¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bleepingcomputer.com/news/security/kaseya-patches-vsa-vulnerabilities-used-in-revil-ransomware-attack/
2.жñÒâÈí¼þBIOPASSʹÓÃÖ±²¥Ó¦ÓÃOBSÂ¼ÖÆÄ¿µÄµÄÆÁÄ»
Çå¾²¹«Ë¾Ç÷ÊÆ¿Æ¼¼·¢Ã÷жñÒâÈí¼þBIOPASSʹÓÃÖ±²¥Ó¦ÓÃOBSÂ¼ÖÆÄ¿µÄÅÌËã»úµÄÆÁÄ»¡£¡£¡£¡£¡£¡£¡£BIOPASSÊÇÓÃPython±àдµÄÔ¶³Ì»á¼ûľÂí (RAT)£¬£¬£¬£¬£¬£¬ÔÚ×î½üÕë¶ÔÔÚÏ߶IJ©¹«Ë¾µÄ¹¥»÷Öб»·¢Ã÷£¬£¬£¬£¬£¬£¬±»Òþ²ØÔÚÕýµ±µÄAdobe Flash Player»òMicrosoft SilverlightµÄ×°ÖóÌÐòÖС£¡£¡£¡£¡£¡£¡£BIOPASS RAT¾ßÓÐÔÚÆäËû¶ñÒâÈí¼þµÄ»ù±¾¹¦Ð§£¬£¬£¬£¬£¬£¬µ«ÉÐÓÐÒ»Ïîй¦Ð§£¬£¬£¬£¬£¬£¬¼´ÔÚÄ¿µÄϵͳÉÏ×°ÖÃOBS StudioÈí¼þ£¬£¬£¬£¬£¬£¬²¢Ê¹ÓøÃÈí¼þµÄ RTMP£¨ÊµÊ±ÐÂÎÅת´ïÐÒ飩Á÷ýÌ幦ЧÀ´Â¼ÖÆÓû§µÄÆÁÄ»²¢½«Æä¹ã²¥µ½¹¥»÷ÕߵĿØÖÆÌ¨¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://therecord.media/malware-abuses-obs-live-streaming-software-to-record-victims-screens/
3.ÃÀ¹úÏðÊ÷ÁëÒøÐÐ֪ͨÆä¿Í»§ÒòÍøÂç¹¥»÷СÎÒ˽¼ÒÐÅϢй¶
ÃÀ¹úÏðÊ÷ÁëÒøÐУ¨Bank Of Oak Ridge£©ÓÚ7ÔÂ9ÈÕÐÇÆÚÎå֪ͨÆä¿Í»§ÒòÍøÂç¹¥»÷СÎÒ˽¼ÒÐÅϢй¶¡£¡£¡£¡£¡£¡£¡£¸ÃÒøÐÐ³ÆÆäÔâµ½ÁËÍøÂç¹¥»÷£¬£¬£¬£¬£¬£¬µ¼ÖÂÒøÐеIJ¿·ÖЧÀÍÔÝʱÖÐÖ¹£¬£¬£¬£¬£¬£¬¾ÊӲ췢Ã÷ÉÐÓÐδ¾ÊÚȨµÄ¹¥»÷Õß»á¼ûÁËÆäϵͳ¡£¡£¡£¡£¡£¡£¡£´Ë´Î¹¥»÷±¬·¢ÔÚ4ÔÂ26ÈÕºÍ4ÔÂ27ÈÕ£¬£¬£¬£¬£¬£¬ÔÚ2009Äê9ÔÂ30ÈÕ֮ǰ¿ªÉèÕË»§µÄºã¾Ã¿Í»§µÄÐÅÏ¢¿ÉÄÜÒѾй¶£¬£¬£¬£¬£¬£¬°üÀ¨Éç»áÇå¾²ºÅÂë¡¢ÒøÐÐÕʺš¢³öÉúÈÕÆÚºÍ¼ÝʻִÕÕºÅÂëµÈ¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.rhinotimes.com/featured-article/hackers-steal-critical-customer-data-from-bank-of-oak-ridge/
4.CISAÖÒÑÔForgeRock»á¼ûÖÎÀíÖÐÒѱ»Ê¹ÓõÄRECÎó²î
CISAÖÒÑÔ¹¥»÷ÕßÕýÔÚÆð¾¢Ê¹ÓÃForgeRock»á¼ûÖÎÀí(AM)ÖеÄÔ¶³Ì´úÂëÖ´ÐÐÎó²î (CVE-2021-35464)¡£¡£¡£¡£¡£¡£¡£ForgeRock»á¼ûÖÎÀíÊÇÒ»¸ö»ùÓÚ¿ªÔ´»á¼ûÖÎÃ÷È·¾ö¼Æ»®OpenAMµÄÉÌÒµ¿ª·Å»á¼ûÖÎÀíµÄ½â¾ö¼Æ»®¡£¡£¡£¡£¡£¡£¡£Ê¹ÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿½ñÓû§µÄϵͳÖÐÖ´ÐÐÏÂÁ£¬£¬£¬£¬£¬Ó°ÏìÁËAM°æ±¾6.0.0.x¡¢6.5.0.x¡¢6.5.1¡¢6.5.2.xºÍ6.5.3¡£¡£¡£¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬£¬£¬£¬¸Ã¹«Ë¾ÒÑÐû²¼ÁËÕë¶Ô¸ÃÎó²îµÄ»º½â²½·¥¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://us-cert.cisa.gov/ncas/current-activity/2021/07/12/critical-forgerock-access-management-vulnerability
5.Security CompassÐû²¼2021ÄêÍþв½¨Ä£µÄÌ¬ÊÆ±¨¸æ
Security CompassÐû²¼ÁË2021ÄêÍþв½¨Ä£Ì¬ÊÆµÄÆÊÎö±¨¸æ¡£¡£¡£¡£¡£¡£¡£¸Ã±¨¸æÖ¼ÔÚÏàʶÍþв½¨Ä£µÄÄ¿½ñÌ¬ÊÆ£¬£¬£¬£¬£¬£¬ÒÔ¼°´óÐÍÆóÒµÔÚ¹¹½¨ºÍ°²ÅÅÓ¦ÓóÌÐòʱÓöµ½µÄÌôÕ½¡£¡£¡£¡£¡£¡£¡£±¨¸æÖ¸³ö£¬£¬£¬£¬£¬£¬Ö»ÓÐ25%µÄÊÜ·ÃÕßÌåÏÖËûÃǵÄ×éÖ¯ÔÚÈí¼þ¿ª·¢µÄÐèÇóÍøÂçºÍÉè¼ÆÔçÆÚ½×¶Î¾ÙÐÐÁËÍþв½¨Ä££¬£¬£¬£¬£¬£¬²»µ½10%µÄÊÜ·ÃÕßÌåÏÖËûÃǶÔ90%Ö®ÉϵÄÓ¦ÓþÙÐÐÁËÍþв½¨Ä£¡£¡£¡£¡£¡£¡£¡£¿ÉÊÇÓÉÓÚCOVID-19£¬£¬£¬£¬£¬£¬Áè¼Ý80%µÄ×éÖ¯²»µÃ²î³ØÆäÍøÂçÇå¾²²½·¥¾ÙÐиı䡣¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://resources.securitycompass.com/research/2021-state-of-threatmodeling
6.BetterCloudÐû²¼2021ÄêÎļþÇå¾²µÄΣº¦ÆÊÎö±¨¸æ
BetterCloudÐû²¼ÁË2021ÄêÎļþÇå¾²µÄΣº¦ÆÊÎö±¨¸æ¡£¡£¡£¡£¡£¡£¡£¸Ã±¨¸æÊÓ²ìÁË500¶àÃûITºÍÇå¾²Ö°Ô±ÒÔÏàʶµ±½ñSaaSÎļþÇå¾²¡£¡£¡£¡£¡£¡£¡£±¨¸æÖ¸³ö£¬£¬£¬£¬£¬£¬½üÒ»°ëµÄ×éÖ¯ÌåÏÖËûÃÇ×îÌåÌùµÄÇå¾²ÎÊÌâÊDz»ÖªµÀÃô¸ÐÊý¾ÝµÄλÖ㻣»£»£»£»£»Áè¼Ý70%µÄ×éÖ¯ÌåÏÖ×î´óµÄÊý¾Ýй¶Σº¦ÊÇÔ±¹¤£»£»£»£»£»£»Ö»ÓÐ35%µÄÊÜ·ÃÕßÏàÐÅÖÕ¶ËÓû§»áÈÏÕæÈεطÖÏíºÍ´æ´¢¹«Ë¾Êý¾Ý¡£¡£¡£¡£¡£¡£¡£±ðµÄ£¬£¬£¬£¬£¬£¬2021ÄêËæ×ÅÈ«ÇòÓªÒµµÄ»Ö¸´£¬£¬£¬£¬£¬£¬ÎļþÇå¾²ÊÂÎñìÉýÁË134%¡£¡£¡£¡£¡£¡£¡£
ÔÎÄÁ´½Ó£º
https://www.bettercloud.com/monitor/file-security-report-2021/