¹ã²¥µç̨KHSUÒòÀÕË÷Èí¼þ¹¥»÷µ¼Ö½ÚÄ¿ÖжÏ £»À¶Ê®×Ö¹«Ë¾½«ÎªÊý¾Ýй©ÊÂÎñÖ§¸¶1000ÍòÃÀÔª

°ä²¼¹¦·ò 2019-07-15

1¡¢À¶Ê®×Ö¹«Ë¾½«ÎªÊý¾Ýй©ÊÂÎñÖ§¸¶1000ÍòÃÀÔª


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Ò½ÁƱ£ÏÕ¹«Ë¾Premera Blue CrossÒѾ­ÔÞ³ÉÏò30¸öÖÝÖ§¸¶1000ÍòÃÀÔª×÷Ϊ2015ÄêÊý¾Ýй¶ÊÂÎñµÄºÍ½â½ð¡£¸ÃÊÂÎñ²úÉúÔÚ2014Äê5ÔÂÖÁ2015Äê3ÔÂÆÚ¼ä £¬¹¥»÷Õß½Ó¼ûÁË1040ÍòÈ˵ÄÒ½ÁƼͼ¡¢ÒøÐÐÕË»§ÐÅÏ¢ÒÔ¼°Éç»á°²È«ºÅÂëµÈÃô¸ÐÐÅÏ¢¡£Æ¾¾ÝºÍ½âºÍ̸ £¬Premera½«Ïò»ªÊ¢¶ÙÖ§¸¶540ÍòÃÀÔª £¬ÆäÓà½ð¶î½«Ö§¸¶¸øÆäËüÖÝ¡£¸Ã¹«Ë¾»¹±£ÕϽ«Ö´ÐÐÊý¾Ý°²È«½ÚÔìÒÔ± £»¤Ó×ÎÒÒ½ÁÆÐÅÏ¢ £¬²¢ÇÒÿÄêÉó²éÆä°²È«Êµ¼ÊºÍÏò˾·¨²¿³¤°ì¹«ÊÒÌṩÊý¾Ý°²È«»ã±¨¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.securityweek.com/premera-blue-cross-pays-states-10-million-over-data-breach


2¡¢¹ã²¥µç̨KHSUÒòÀÕË÷Èí¼þ¹¥»÷µ¼Ö½ÚÄ¿ÖжÏ


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


ÃÀ¹ú¼ÓÖݺ鱤ÖÝÁ¢´óѧռÓеÄKHSU¹ã²¥µç̨Ôâµ½ÀÕË÷Èí¼þ¹¥»÷ £¬µ¼Ö¸õç̨µÄËùÓÐϵͳºÍ´æ´¢·þÎñÆ÷̱»¾ £¬½ÚÄ¿±»ÆÈÖжÏ¡£µ«KHSUÈ·ÈϳÆÊÜϰȾµÄ·þÎñÆ÷²¢Î´Ô̺¬ÈκÎÃô¸ÐÐÅÏ¢¡£KHSUÔÚ7ÔÂ1ÈÕ·¢ÏÖÕâ´Î¹¥»÷ £¬¹¥»÷ÕßÀûÓÃÁËKHSUϵͳÖеݲȫ·ì϶¡£KHSU°µÊ¾Ã»ÓÐÊÕµ½Êê½ðÒªÇó £¬Ò²²»ÖªÂ·¹¥»÷µÄÆðÔ´¡£ÔÚ·¢ÏÖÊÂÎñºó £¬KHSUÏòÁª¹ú·¨Âɲ¿ÃźÍÁª¹úͨѶίԱ»á»ã±¨ÁËÕâÒ»ÊÂÎñ¡£


Ô­ÎÄÁ´½Ó£ºhttps://cyware.com/news/khsu-radio-stations-regular-programming-interrupted-due-to-ransomware-attack-e39dbd3d


3¡¢GlamoriserÀ¶ÑÀÖ±·¢Æ÷Ò×ÔâºÚ¿Í¹¥»÷ £¬¿ÉÒý·¢»ð¾¯·çÏÕ


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


×êÑÐÈËÔ±³ÆÀ¶ÑÀÖ±·¢Æ÷Glamoriser´æÔÚ°²È«·ì϶ £¬Ò×±»ºÚ¿Í´Û¸ÄÒÔÒý·¢»ð¾¯¡£¸ÃÖ±·¢Æ÷¿Éͨ¹ýÀ¶ÑÀµÍ¹¦ºÄÅä¶Ô»úÔ죨BLE£©ÓëÊÖ»úAPPÏνÓ £¬Æ¾¾Ý×êÑÐÈËÔ±µÄ±íÊö £¬ÓÉÓÚÔì×÷ÉÌûÓпª·¢Åä¶Ô/°ó¶¨Ö°ÄÜ£¨¼´APPºÍÖ±·¢Æ÷Ö®¼äûÓÐÈκΰ²È«½ÚÔì»òÉí·ÝÈÏÖ¤£© £¬ÕâʹµÃÀûÓÃÁìÓòÄÚµÄÈκÎÈ˶¼Äܹ»½ÚÔìÖ±·¢Æ÷Òý·¢»ð¾¯·çÏÕ £¬ÀýÈçÌá¸ßζȲ¢½«×Ô¶¯¹Ø¹Ø¹¦·òµ¢¸éÖÁ20·ÖÖÓ¡£


Ô­ÎÄÁ´½Ó£ºhttps://threatpost.com/firestarter-hacked-hair-straighteners/146434/


4¡¢×êÑÐÍŶӰ䲼ÀÕË÷Èí¼þLoocipherµÄ½âÃܹ¤¾ß


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Yoroi-Cybaze ZLab×êÑÐÍŶӰ䲼ÀÕË÷Èí¼þLoocipherµÄÃâ·Ñ½âÃÜÆ÷¡£Æ¾¾ÝFortinetµÄ˵·¨ £¬LooCipherʹÓõļÓÃÜËã·¨ÊÇ´øÓÐ16×Ö½ÚÃÜÔ¿µÄAES-128 ECB¡£ÃÜÔ¿´ÓÔ¤Ô¼ÒåµÄ×Ö·ûÊý×éÖÐËæ»úÌìÉú¡£ÓÉÓÚAESÊǶԳÆÃÜÔ¿Ëã·¨ £¬Òò¶ø»ñµÃ¸ÃÃÜÔ¿½«Äܹ»¸´Ô­ËùÓеļÓÃÜÎļþ¡£Cybaze-Yoroi ZLab°ä²¼ÁËÒ»¸öÄܹ»´ÓÄÚ´æÖÐÌáÈ¡ÃÜÔ¿²¢½âÃÜÎļþµÄ×Ô¶¯¹¤¾ß £¬¸Ã¹¤¾ßÒªÇóLooCipher¹ý³Ì´¦Óڻ״̬ £¬ÈôÊǹý³Ì±»ÖÕÖ¹»òPC³ÁÆô £¬Ôò¸Ã¹¤¾ßÎÞ·¨ÕñÐË×÷Óá£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/88310/malware/loocipher-ransomware-decryptor.html


5¡¢MioriбäÖÖ £¬Ê¹ÓöÀÓкÍ̸ÓëC2·þÎñÆ÷½øÐÐͨѶ


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Ç÷Ïò¿Æ¼¼×êÑÐÈËÔ±·¢ÏÖ½©Ê¬ÍøÂçMioriµÄÒ»¸öбäÖÖ £¬¸Ã±äÖÖʹÓöÀÓеĺÍ̸ÓëC2½øÐÐͨѶ¡£ÒÔǰµÄMiori±äÖÖʹÓûùÓÚ¶þ½øÔìµÄºÍ̸ÓëC2·þÎñÆ÷ͨѶ £¬²¢Ïò֪·C2 IPµØÖ·µÄÈκÎÈËÏÔʾµÇ¼ÌáÐÑ¡£µ«¸ÃбäÖÖѡȡ»ùÓÚÎı¾µÄºÍ̸½øÐÐC2ͨѶ £¬²¢Ö´ÐÐÁ˱ £»¤´ëÊ©£ºÈôÊÇûÓÐÌṩָ¶¨µÄ×Ö·û´® £¬Ôò»á¶Ï¿ªÏνÓ¡£Ëü»¹Ö§³Ö¼ÓÃܺÅÁî¡£¶ÔÑù±¾µÄ·ÖÎö½ÒʾÁËÏúÊÛMiori botÔ´´úÂëµÄÍøÕ¾µÄURL £¬ÊÛ¼ÛΪ110ÃÀÔª¡£


Ô­ÎÄÁ´½Ó£ºhttps://securityaffairs.co/wordpress/88303/malware/miori-botnet-new-c2-protocol.html


6¡¢Ó¢¹ú¹ú¶ÈÍøÂ簲ȫÖÐÐÄÕë¶Ôµ±Ç°»îÔ¾µÄDNS½Ù³Ö¹¥»÷°ä²¼¾¯±¨


28Ȧ-28Ȧ¹Ù·½ÍøÕ¾-ÏàÐÅÆ·ÅƵÄÁ¦Á¿


Ó¢¹ú¹ú¶ÈÍøÂ簲ȫÖÐÐÄ£¨NCSC£©°ä²¼¹ØÓÚµ±Ç°»îÔ¾µÄDNS½Ù³Ö¹¥»÷µÄ¾¯±¨¡£Õâ·ÝÎļþ¸ÅÊöÁËDNS½Ù³Ö¹¥»÷´øÀ´µÄ·çÏÕ £¬²¢ÎªÆóÒµÌṩÁË»º½â½¨Òé¡£ÆóÒµµÄÓòÃû×¢²á·þÎñÉÌÕË»§ÊǸ߼ÛÖµµÄÖ¸±ê £¬³£ÔÚײ¿â¹¥»÷¡¢´¹µö¹¥»÷»òÆäËü´ó¾ÖµÄÉç½»¹¤³Ì¹¥»÷Öб»ÊÕÊÜ¡£NCSC½¨ÒéʹÓÃרÃŵÄÇ¿ÃÜÂë¶ÔÕâÀàÕË»§½øÐб £»¤ £¬²¢¾¡¿ÉÄÜÆôÓöà³É·ÖÉí·ÝÑéÖ¤¡£


Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/ncsc-issues-alert-about-active-dns-hijacking-attacks/