AvayaϵͳÖÎÀíÔ±ÒòÉæÏÓ²»·¨ÌìÉú²¢ÏúÊÛVoIPÔÊÐíÖ¤±»ÆðËß
Ðû²¼Ê±¼ä 2022-07-011¡¢AvayaϵͳÖÎÀíÔ±ÒòÉæÏÓ²»·¨ÌìÉú²¢ÏúÊÛVoIPÔÊÐíÖ¤±»ÆðËß
¾Ý6ÔÂ29ÈÕ±¨µÀ£¬£¬£¬3ÃûÉæÏÓ³öÊÛ¼ÛÖµÁè¼Ý8800ÍòÃÀÔªµÄAvaya Holdings CorporationÈí¼þÔÊÐíÖ¤µÄÏÓÒÉÈ˱»ÆðËߣ¬£¬£¬ÃæÁÙ14Ïîµç»ãڲƺÍÏ´Ç®µÄ×ïÃû¡£¡£¡£¡£Æ¾Ö¤Í¨¸æ£¬£¬£¬Avaya¿Í»§Ð§ÀÍÔ±¹¤Raymond Bradly PearceÀÄÓÃÆäÖÎÀíԱȨÏÞÌìÉúADIÈí¼þÔÊÐíÖ¤ÃÜÔ¿£¬£¬£¬È»ºó³öÊÛ¸øAvayaÊÚȨ¾ÏúÉÌJason M. Hines£¬£¬£¬¹«Ë¾¹ºÖÃÕâЩÔÊÐíÖ¤¿ÉÓÃÀ´½âËøAvaya IP Officeµç»°ÏµÍ³µÄ¹¦Ð§¡£¡£¡£¡£¾Ý³Æ£¬£¬£¬Pearce»¹Ð®ÖÆÁËÆäËûAvayaÖÎÀíÔ±µÄÕË»§À´ÌìÉúÔÊÐíÖ¤£¬£¬£¬ÒÔ×èÖ¹ÓÉÓÚÓëËûµÄÕË»§Ïà¹ØÁªµÄÃÜÔ¿ÌìÉúÁ¿Òì³£¶øÒýÆðÏÓÒÉ¡£¡£¡£¡£
https://www.bleepingcomputer.com/news/security/avaya-sysadmin-indicted-for-illegally-generating-selling-voip-licenses/
2¡¢ÎÖ¶ûÂê·ñ¶¨ÆäÔâµ½ºÚ¿ÍÍÅ»ïYanluowangµÄÀÕË÷¹¥»÷
ýÌå6ÔÂ29ÈÕ±¨µÀ³Æ£¬£¬£¬ÎÖ¶ûÂê·ñ¶¨ÆäÔâµ½ÁËYanluowangµÄÀÕË÷¹¥»÷¡£¡£¡£¡£±¾ÖÜÒ»£¬£¬£¬ÀÕË÷ÍÅ»ïYanluowangÔÚÆäÊý¾ÝÐ¹Â¶ÍøÕ¾ÉÏÐû²¼ÁËÒ»¸öÌõÄ¿£¬£¬£¬Éù³ÆËûÃǼÓÃÜÁËÎÖ¶ûÂê40000ÖÁ50000̨װ±¸¡£¡£¡£¡£¹¥»÷Õß͸¶£¬£¬£¬¹¥»÷±¬·¢ÔÚÒ»¸ö¶àÔÂǰ£¬£¬£¬ËûÃǼÓÃÜÁËÄ¿µÄµÄ×°±¸µ«Ã»ÓÐÇÔÈ¡ÈκÎÊý¾Ý£¬£¬£¬ÀÕË÷5500ÍòÃÀÔªµ«´ÓδÊÕµ½ÎÖ¶ûÂêµÄ»ØÓ¦£¬£¬£¬²¢Ðû²¼ÁË´ÓÎÖ¶ûÂêµÄWindowsÓòÖÐÌáÈ¡µÄÐÅÏ¢¡£¡£¡£¡£ÎÖ¶ûÂê·ñ¶¨ÆäÔâµ½¹¥»÷£¬£¬£¬²¢ÌåÏÖÐÅÏ¢Çå¾²ÍŶÓÕýÔÚ24/7È«Ììºò¼à¿ØËûÃǵÄϵͳ¡£¡£¡£¡£
https://www.bleepingcomputer.com/news/security/walmart-denies-being-hit-by-yanluowang-ransomware-attack/
3¡¢Å²Íþ¶à¼ÒΪÃñÖÚÌṩÖ÷ҪЧÀ͵ĴóÐ͹«Ë¾Ôâµ½DDoS¹¥»÷
¾ÝýÌå6ÔÂ29ÈÕ±¨µÀ£¬£¬£¬Å²Íþ¹ú¼ÒÇå¾²¾Ö(NSM)³ÆÓë¶íÂÞ˹ÓÐ¹ØµÄºÚ¿Í¶ÔÆäÒªº¦×éÖ¯¾ÙÐÐÁ˶à´ÎDDoS¹¥»÷¡£¡£¡£¡£¸Ã»ú¹¹µÄÖ÷¹ÜSofie Nystr?mÐû²¼ÉùÃ÷£¬£¬£¬ÔÚÒÑÍù24СʱÄÚ£¬£¬£¬Å²ÍþµÄÊý¸ö×éÖ¯ÒòÔâµ½¹¥»÷ÖÐÖ¹£¬£¬£¬Ö÷ÒªÊÇһЩΪÃñÖÚÌṩÖ÷ҪЧÀ͵ĴóÐ͹«Ë¾¡£¡£¡£¡£NSM²»¿Ï͸¶ÄÄЩ×éÖ¯Ôâµ½Á˹¥»÷£¬£¬£¬µ«Â·Í¸ÉçÌåÏÖŲÍþÀ͹¤¼à²ì¾ÖÊÇÓ°ÏìµÄ×éÖ¯Ö®Ò»£¬£¬£¬ÔÚ±¾ÖÜÈý±¬·¢ÖÐÖ¹¡£¡£¡£¡£ÏÖÔÚ£¬£¬£¬Å²ÍþÕÙ¿ªÁËÒ»´ÎÐÂÎÅÐû²¼»á£¬£¬£¬ÏÈÈÝÁ˸þÖÊÇÔõÑùÓ¦¶ÔÕâÒ»ÎÊÌâµÄ¡£¡£¡£¡£
https://therecord.media/norway-accuses-pro-russian-hackers-of-launching-wave-of-ddos-attacks/
4¡¢Intezer·¢Ã÷¿ÉÇÔÈ¡YouTubeÕË»§µÄ¶ñÒâÈí¼þYTStealer
6ÔÂ29ÈÕ£¬£¬£¬IntezerÅû¶ÁËÖ¼ÔÚÇÔÈ¡YouTube´´×÷ÕßµÄÕË»§µÄжñÒâÈí¼þYTStealer¡£¡£¡£¡£ÓëÆäËüÇÔÈ¡³ÌÐòµÄ²î±ðÖ®´¦ÔÚÓÚ£¬£¬£¬YTStealerÖ»Õë¶ÔÒ»ÏîЧÀÍÇÔȡƾ֤¡£¡£¡£¡£·Ö·¢YTStealerÑù±¾µÄÎļþ²»µ«×°ÖÃYTStealer£¬£¬£¬»¹×°ÖÃÁËÆäËüÇÔÈ¡³ÌÐò£¬£¬£¬°üÀ¨ÇÔÈ¡³ÌÐòRedLineºÍVidar¡£¡£¡£¡£¸Ã¶ñÒâÈí¼þÔÚÖ´ÐÐ֮ǰ»¹»á¾ÙÐÐһЩ·´É³ºÐµÄ¼ì²é£¬£¬£¬Ê¹ÓÃÁËGitHubÉϵĿªÔ´¹¤¾ßChacal¡£¡£¡£¡£µ±È·¶¨Ä¿µÄºó£¬£¬£¬Ëü»á×Ðϸ¼ì²éä¯ÀÀÆ÷SQLÊý¾Ý¿âÎļþÒÔ¶¨Î»YouTubeÉí·ÝÑéÖ¤ÁîÅÆ¡£¡£¡£¡£
https://www.intezer.com/blog/research/ytstealer-malware-youtube-cookies/
5¡¢AmazonÐÞ¸´PhotosÓ¦ÓÃÖпÉй¶Óû§»á¼ûÁîÅÆµÄÎó²î
ýÌå6ÔÂ29Èճƣ¬£¬£¬AmazonÐÞ¸´ÁËÆäPhotosÓ¦ÓÃÖÐÒ»¸öÑÏÖØµÄÎó²î£¬£¬£¬¸ÃÓ¦ÓÃÔÚGoogle PlayµÄÏÂÔØÁ¿ÒÑÁè¼Ý5000Íò´Î¡£¡£¡£¡£Checkmarx·¢Ã÷¸ÃÎó²îÔ´ÓÚÓ¦ÓóÌÐò×é¼þÉèÖùýʧ£¬£¬£¬µ¼ÖÂÆäÇåµ¥ÎļþÎÞÐèÉí·ÝÑéÖ¤¼´¿É´ÓÍⲿ»á¼û¡£¡£¡£¡£Ê¹ÓôËÎó²î¿ÉÄÜ»áʹװÖÃÔÚͳһÉè±¹ØÁ¬Ä¶ñÒâÓ¦ÓûñÈ¡ÓÃÓÚAmazon APIÉí·ÝÑéÖ¤µÄAmazon»á¼ûÁîÅÆ¡£¡£¡£¡£Ñо¿Ö°Ô±³Æ£¬£¬£¬ÀÕË÷Èí¼þºÜÈÝÒ׳ÉΪDZÔڵĹ¥»÷ǰÑÔ£¬£¬£¬¹¥»÷ÕßÖ»ÐèÒª¶ÁÈ¡¡¢¼ÓÃܺÍÖØÐ´Ä¿µÄµÄÎļþ£¬£¬£¬Í¬Ê±²Á³ýËûÃǵÄÀúÊ·¼Í¼¡£¡£¡£¡£±ðµÄ£¬£¬£¬ÆäËüAmazon APIsÒ²¿ÉÄÜʹÓÃÏàͬµÄÁîÅÆ£¬£¬£¬ÈçPrime Video¡¢AlexaºÍKindleµÈ£¬£¬£¬Òò´Ë£¬£¬£¬Î£º¦¿ÉÄÜÊÇÉîÔ¶µÄ¡£¡£¡£¡£
https://www.bleepingcomputer.com/news/security/amazon-fixes-high-severity-vulnerability-in-android-photos-app/
6¡¢º«¹úKISAÐû²¼ÊÊÓÃÓÚv1µ½v4°æ±¾µÄHive½âÃܹ¤¾ß
6ÔÂ30ÈÕ±¨µÀ£¬£¬£¬º«¹úÍøÂçÇå¾²»ú¹¹KISAÐû²¼ÁËÀÕË÷Èí¼þHiveµÄÃ⺬»ìÃÜÆ÷£¬£¬£¬ÊÊÓÃÓÚv1µ½v4°æ±¾¡£¡£¡£¡£Hive×Ô2021Äê6ÔÂÒÔÀ´Ò»Ö±»îÔ¾£¬£¬£¬Æ¾Ö¤ChainalysisµÄÊý¾Ý£¬£¬£¬ËüÊÇ2021ÄêÊÕÈëTop 10µÄÀÕË÷Èí¼þÍÅ»ïÖ®Ò»¡£¡£¡£¡£½ñÄê2Ô£¬£¬£¬Kookmin´óѧµÄÑо¿Ö°Ô±·¢Ã÷ÁËHiveʹÓõļÓÃÜËã·¨Öб£´æÒ»¸öÎó²î£¬£¬£¬¿ÉÓÃÀ´ÔÚ²»ÖªµÀ¼ÓÃÜÎļþµÄ˽ԿµÄÇéÐÎϽâÃÜÊý¾Ý¡£¡£¡£¡£
https://securityaffairs.co/wordpress/132770/malware/hive-ransomware-decryptor.html