6ÔÂWindows¸üпÉÄܵ¼Ö²¿·ÖÓ¦ÓÃÎÞ·¨Ê¹ÓÃVSS±¸·Ý

Ðû²¼Ê±¼ä 2022-06-17
1¡¢6Ô·ÝWindows¸üпÉÄܵ¼Ö²¿·ÖÓ¦ÓÃÎÞ·¨Ê¹ÓÃVSS±¸·Ý

      

¾Ý6ÔÂ15ÈÕ±¨µÀ£¬£¬£¬£¬£¬£¬Î¢ÈíÌåÏÖ£¬£¬£¬£¬£¬£¬ÔÚ×°ÖÃ2022Äê6ÔµÄWindows¸üк󣬣¬£¬£¬£¬£¬Ä³Ð©Ó¦ÓóÌÐò¿ÉÄÜÎÞ·¨Ê¹ÓþíÓ°¸´ÖÆÐ§ÀÍ(VSS)À´±¸·ÝÊý¾Ý¡£¡£¡£ ¡£¡£¸ÃÎÊÌâÊÇÐÞ¸´MicrosoftÎļþЧÀÍÆ÷¾íÓ°¸´ÖÆÊðÀíЧÀÍ(RVSS)ÖеÄÌáȨÎó²î(CVE-2022-30154)µ¼ÖµÄ¡£¡£¡£ ¡£¡£±£´æÎÊÌâµÄϵͳÖУ¬£¬£¬£¬£¬£¬Windows±¸·ÝÓ¦ÓóÌÐòÔÚ¾íÓ°¸´Öƽ¨ÉèÀú³ÌÖпÉÄÜ»áÊÕµ½E_ACCESSDENIED¹ýʧ£¬£¬£¬£¬£¬£¬ÇÒ»áÔÚÎļþЧÀÍÆ÷ÖмͼΪ"FileShareShadowCopyAgent Event 1013"¡£¡£¡£ ¡£¡£


https://www.bleepingcomputer.com/news/microsoft/microsoft-june-windows-server-updates-may-cause-backup-issues/


2¡¢F5 LabsÅû¶ÐÂAndroidľÂíMaliBotµÄϸ½ÚÐÅÏ¢

      

6ÔÂ15ÈÕ£¬£¬£¬£¬£¬£¬F5 Labs×îб¨¸æÅû¶ÁËAndroidľÂíMaliBotµÄϸ½ÚÐÅÏ¢¡£¡£¡£ ¡£¡£MaliBotרעÓÚÇÔÈ¡½ðÈÚÐÅÏ¢£¬£¬£¬£¬£¬£¬ÀýÈçµç×ÓÒøÐÐЧÀÍÆ¾Ö¤¡¢¼ÓÃÜÇ®°üÃÜÂëºÍСÎÒ˽¼ÒÏêϸÐÅÏ¢£¬£¬£¬£¬£¬£¬»¹¿ÉÒÔÇÔÈ¡ºÍÈÆ¹ý¶àÒòËØ(2FA/MFA)´úÂ룬£¬£¬£¬£¬£¬Ö÷ÒªÕë¶ÔÒâ´óÀûºÍÎ÷°àÑÀµÄ½ðÈÚ»ú¹¹¡£¡£¡£ ¡£¡£¸Ã¶ñÒâÈí¼þ»áαװ³É¼ÓÃÜÇ®±ÒÍÚ¾òÓ¦ÓóÌÐò¡°Mining X¡±ºÍ¡°The CryptoApp¡±£¬£¬£¬£¬£¬£¬ÓÐʱҲαװ³É¡°MySocialSecurity¡±ºÍ¡°Chrome¡±¡£¡£¡£ ¡£¡£±ðµÄ£¬£¬£¬£¬£¬£¬Ñо¿Ö°Ô±ÌåÏÖÆäC2ЧÀÍÆ÷λÓÚ¶íÂÞ˹£¬£¬£¬£¬£¬£¬ËƺõÓë·Ö·¢SalityµÄ»î¶¯Ê¹ÓõÄÊÇͳһ¸öЧÀÍÆ÷£¬£¬£¬£¬£¬£¬×Ô2020Äê6ÔÂÒÔÀ´£¬£¬£¬£¬£¬£¬Ðí¶à»î¶¯¶¼Ô´×Ô´ËIP¡£¡£¡£ ¡£¡£


https://www.f5.com/labs/articles/threat-intelligence/f5-labs-investigates-malibot


3¡¢Citrix ADM¿ÉÖØÖÃÖÎÀíÔ±ÃÜÂëµÄÎó²îCVE-2022-27511

      

¾ÝýÌå6ÔÂ15ÈÕ±¨µÀ£¬£¬£¬£¬£¬£¬CitrixÓ¦Óý»¸¶ÖÎÀí(ADM)±£´æ¿ÉÖØÖÃÖÎÀíÔ±ÃÜÂëµÄÎó²î¡£¡£¡£ ¡£¡£¸ÃÎó²î×·×ÙΪCVE-2022-27511£¬£¬£¬£¬£¬£¬ÊÇÓɲ»×¼È·µÄ»á¼û¿ØÖƵ¼ÖµÄ£¬£¬£¬£¬£¬£¬Ó°ÏìËùÓÐÊÜÖ§³ÖµÄCitrix ADMЧÀÍÆ÷ºÍCitrix ADMÊðÀí°æ±¾¡£¡£¡£ ¡£¡£CitrixÚ¹Ê͵À£¬£¬£¬£¬£¬£¬Ê¹ÓøÃÎó²î¿ÉÄÜÔÚÏ´Î×°±¸ÖØÆôÊ±ÖØÖÃÖÎÀíÔ±ÃÜÂ룬£¬£¬£¬£¬£¬¾ßÓÐssh»á¼ûȨÏ޵Ĺ¥»÷ÕßÔÚ×°±¸ÖØÆôºó¿ÉÒÔʹÓÃĬÈÏÖÎÀíԱƾ֤¾ÙÐÐÅþÁ¬¡£¡£¡£ ¡£¡£ÏÖÔÚ£¬£¬£¬£¬£¬£¬Îó²îÒѱ»ÐÞ¸´£¬£¬£¬£¬£¬£¬¸Ã¹«Ë¾½¨ÒéÖÎÀíÔ±Á¬Ã¦×°Öò¹¶¡¡£¡£¡£ ¡£¡£


https://www.bleepingcomputer.com/news/security/citrix-warns-critical-bug-can-let-attackers-reset-admin-passwords/


4¡¢Ñо¿Ö°Ô±·¢Ã÷BeanVPN½ü20GBµÄÅþÁ¬ÈÕÖ¾¿É¹ûÕæ»á¼û

      

ýÌå6ÔÂ15Èճƣ¬£¬£¬£¬£¬£¬CybernewsµÄÊӲ췢Ã÷ÌṩÉÌBeanVPN 18.5 GBµÄÅþÁ¬ÈÕÖ¾¿É±»¹ûÕæ»á¼û¡£¡£¡£ ¡£¡£¸Ã»º´æÈÕÖ¾°üÀ¨Áè¼Ý2500ÍòÌõ¼Í¼£¬£¬£¬£¬£¬£¬Éæ¼°Óû§×°±¸ºÍPlayЧÀÍID¡¢ÅþÁ¬Ê±¼ä´ÁºÍIPµØµãµÈ¡£¡£¡£ ¡£¡£Ñо¿Ö°Ô±ÌåÏÖ£¬£¬£¬£¬£¬£¬PlayЧÀÍID¿ÉÓÃÓÚ²éÕÒÓû§µÇ¼װ±¸Ê±Ê¹Óõĵç×ÓÓʼþµØµã¡£¡£¡£ ¡£¡£±ðµÄ£¬£¬£¬£¬£¬£¬¸ÃÌṩÉÌÌåÏÖ²»ÍøÂçÓû§IPµØµã¡¢´«³öIPµØµã¡¢ÅþÁ¬Ê±¼ä´ÁºÍ»á»°Ò»Á¬Ê±¼äµÈÐÅÏ¢¡£¡£¡£ ¡£¡£µ«Õâһ˵·¨Óëй¶µÄÐÅÏ¢²¢·×ÆçÖ£¬£¬£¬£¬£¬£¬ºóÕßÏÕЩ°üÀ¨ÁËBeanVPNÉù³Æ²»»áÍøÂçµÄËùÓÐÊý¾Ý¡£¡£¡£ ¡£¡£ÏÖÔÚ£¬£¬£¬£¬£¬£¬Ð¹Â¶µÄÊý¾ÝÒѱ»±£»£» £»£»£»¤ÆðÀ´¡£¡£¡£ ¡£¡£


https://www.infosecurity-magazine.com/news/beanvpn-leaks-user-records/


5¡¢ÃÀ¹úTransact CampusÉèÖùýʧй¶3Íò¶àѧÉúµÄÐÅÏ¢

      

ýÌå6ÔÂ15ÈÕ±¨µÀ£¬£¬£¬£¬£¬£¬SafetyDetectives·¢Ã÷ÁËÒ»¸öÉèÖùýʧµÄElasticsearchЧÀÍÆ÷£¬£¬£¬£¬£¬£¬ÆäÖаüÀ¨Transact CampusµÄÓ¦ÓóÌÐòµÄÊý¾Ý¡£¡£¡£ ¡£¡£¸ÃÓ¦ÓÃÓÃÓڸߵȽÌÓý»ú¹¹µÄѧÉúµÄÖ§¸¶Á÷³Ì£¬£¬£¬£¬£¬£¬´Ë´ÎÊÂÎñй¶ÁËÔ¼100ÍòÌõ¼Í¼£¬£¬£¬£¬£¬£¬Éæ¼°3ÖÁ4ÍòÃûѧÉú¡£¡£¡£ ¡£¡£ÖµµÃ×¢ÖØµÄÊÇ£¬£¬£¬£¬£¬£¬Óû§ÃûºÍÃÜÂëµÈµÇ¼Êý¾Ý¾ùÒÔ´¿Îı¾ÃûÌô洢£¬£¬£¬£¬£¬£¬ÇÒй¶µÄÐÅÓÿ¨ÐÅÏ¢°üÀ¨ÒøÐÐʶÓÖÃû¡¢ÐÅÓÿ¨ºÅµÄǰÁùλºÍºóËÄλºÍµ½ÆÚÈÕÆÚµÈ¡£¡£¡£ ¡£¡£ÏÖÔÚ£¬£¬£¬£¬£¬£¬Êý¾Ý¿âÒѱ»±£»£» £»£»£»¤ÆðÀ´£¬£¬£¬£¬£¬£¬µ«¸Ã¹«Ë¾Éù³ÆÐ§ÀÍÆ÷²»ÔÚËûÃǵĿØÖÆÖ®ÏÂÇÒÊý¾ÝÊǼٵÄ¡£¡£¡£ ¡£¡£µ«Ñо¿Ö°Ô±ÌåÏÖ¾­ÓÉ¿ªÔ´¹¤¾ßµÄ¼ì²é£¬£¬£¬£¬£¬£¬ÕâЩÊý¾ÝÊôÓÚÕæÊµµÄÓû§¡£¡£¡£ ¡£¡£


https://www.hackread.com/elasticsearch-database-expose-login-pii-data-students/


6¡¢Blue MockingbirdÍÅ»ïÀÄÓÃTelerik UIÖеÄÎó²îÍÚ¿ó

      

6ÔÂ15ÈÕ£¬£¬£¬£¬£¬£¬SophosÐû²¼ÁËBlue Mockingbird½üÆÚ¹¥»÷»î¶¯µÄÆÊÎö±¨¸æ¡£¡£¡£ ¡£¡£¸ÃÍÅ»ïʹÓÃÁËTelerik UI WebÓ¦ÓóÌÐò¿ò¼ÜÖеÄÎó²îÀ´ÈëÇÖЧÀÍÆ÷£¬£¬£¬£¬£¬£¬×°ÖÃCobalt Strike beacons£¬£¬£¬£¬£¬£¬È»ºóÐ®ÖÆÏµÍ³×ÊÔ´À´ÍÚ¾òMonero¡£¡£¡£ ¡£¡£¹¥»÷ÕßʹÓõÄÊÇÒѱ£´æ3ÄêµÄ.NET·´ÐòÁл¯Îó²î£¨CVE-2019-18935£¬£¬£¬£¬£¬£¬CVSSÆÀ·Ö9.8£©£¬£¬£¬£¬£¬£¬¿ÉÔÚTelerik UI¿âÖÐÔ¶³ÌÖ´ÐÐASP.NET AJAXµÄ´úÂë¡£¡£¡£ ¡£¡£±ðµÄ£¬£¬£¬£¬£¬£¬ÔÚ¹¥»÷Àú³ÌÖУ¬£¬£¬£¬£¬£¬¸ÃÍÅ»ïʹÓÃÁËÒ»ÖÖÏֳɵÄPoC£¬£¬£¬£¬£¬£¬¿É´¦Öóͷ£¼ÓÃÜÂß¼­²¢×Ô¶¯Ö´ÐÐDLL±àÒë¡£¡£¡£ ¡£¡£


https://www.bleepingcomputer.com/news/security/hackers-exploit-three-year-old-telerik-flaws-to-deploy-cobalt-strike/