GRIMMÅû¶iSCSIÖÐÒÑ´æÔÚ15ÄêµÄ3¸ö¸ßΣ·ì϶ £»Google°ä²¼Õë¶ÔChromeä¯ÀÀÆ÷µÄSpectre¹¥»÷µÄPoC

°ä²¼¹¦·ò 2021-03-15

1.GRIMMÅû¶iSCSIÖÐÒÑ´æÔÚ15ÄêµÄ3¸ö¸ßΣ·ì϶


1.jpg


GRIMMµÄ×êÑÐÈËÔ±ÔÚLinuxÄÚºË×ÓϵͳiSCSIÖз¢ÏÖÁË3¸ö¸ßΣ·ì϶ £¬ÕâЩ·ì϶×Ô2006ÄêÒѾ­´æÔÚ¡£Õâ3¸ö·ì϶±ðÀëΪ¶Ñ»º³åÇøÒç¶Âí½Å£¨CVE-2021-27365£© £¬¿Éµ¼Ö±¾µØÌáȨ¡¢ÐÅϢй¶ºÍ»Ø¾ø·þÎñ £»ÄÚºËÖ¸Õëй¶·ì϶£¨CVE-2021-27363£© £¬¿Éµ¼ÖÂÐÅϢй¶ £»ÒÔ¼°Ô½½ç¶ÁÈ¡·ì϶£¨CVE-2021-27364£© £¬¿Éµ¼ÖÂÐÅϢй¶ºÍ»Ø¾ø·þÎñ¡£¹¥»÷ÕßÄܹ»ÀûÓÃÕâЩ·ì϶À´ÈƹýKASLR¡¢SMEP¡¢SMAPºÍKPTIµÈ°²È«Ö°ÄÜ¡£Ä¿Ç° £¬ÕâЩ·ì϶ÒÑÓÚ3ÔÂ7ÈÕ±»½¨¸´¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/


2.NCC GroupÅû¶Netgear»¥»»»úÖеÄ15¸ö·ì϶


2.jpg


NCC Group×êÑÐÈËÔ±·¢ÏÖNetgearµÄJGS516PEÒÔÌ«Íø»¥»»»úÖдæÔÚ15¸ö·ì϶¡£ÕâЩ·ì϶ÖнÏΪÑϳÁµÄÊÇ´úÂëÖ´Ðзì϶£¨CVE-2020-26919£© £¬CVSS v3ÆÀ·ÖΪ9.8 £¬¹¥»÷ÕßÄܹ»ÀûÓÃËüÀ´ÈƹýÉí·ÝÑéÖ¤²¢ÒÔÖÎÀíԱȨÏÞÖ´ÐдúÂë¡£´Ë±í £¬»¹ÓÐCVSS v3ÆÀ·ÖΪ8.8µÄNSDPÉí·ÝÑéÖ¤ÈÆ¹ý·ì϶£¨CVE-2020-35231£©ºÍ¿ÉÉÏ´«¶ñÒâ´úÂëµÄ£¨CVE-2020-35220£©µÈ·ì϶¡£Ä¿Ç° £¬NetgearÒѰ䲼°²È«¸üР£¬À´½¨¸´ÉÏÊö·ì϶¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/115586/hacking/netgear-soho-flaws.html


3.Google°ä²¼Õë¶ÔChromeä¯ÀÀÆ÷µÄSpectre¹¥»÷µÄPoC


3.jpg


Google°ä²¼ÁËÕë¶ÔChromeä¯ÀÀÆ÷JavaScriptÒýÇæµÄSpectre¹¥»÷PoC¡£Google³Æ £¬¸ÃPoC´úÂë¿ÉÔÚIntel Skylake CPUµÄChrome 88ÉÏÔËÐÐ £¬ÒÔ1kB/ sµÄ¿ìÂÊ´ÓÉ豸ÄÚ´æÖÐÏÂÔØÊý¾Ý¡£´Ë±í £¬Google×êÑÐÈËÔ±´§Ä¦PoC´úÂë¿ÉÔÚÆäËûCPU£¨·ÖÆçµÄ¹©¸øÉ̺ÍÐͺţ©¡¢²Ù×÷ϵͳºÍChromium°æ±¾ÉÏʹÓá£Google½¨ÒéWeb¿ª·¢ÈËԱʹÓà Ðµİ²È«»úÔìÀ´»º½âSpectreÓ²¼þ¹¥»÷ºÍ³£¼ûµÄWeb¿çվй¶ £¬²¢ÌṩÁËPost-Spectre Web¿ª·¢»ººÍ½âSide-Channel¹¥»÷µÄÖ¸ÄÏ¡£


Ô­ÎÄÁ´½Ó£º

https://securityaffairs.co/wordpress/115573/hacking/google-chrome-spectre-poc.html


4.ÄϷDZ£ÏÕ¹«Ë¾PPSÔâµ½¹¥»÷ £¬¿Í»§Ó×ÎÒÐÅϢй¶


4.jpg


ÄϷDZ£ÏÕºÍͶ×ÊÕ÷ѯ¹«Ë¾PPSÔâµ½¹¥»÷ £¬¿Í»§Ó×ÎÒÐÅÏ¢¿ÉÄÜÒѾ­Ð¹Â¶¡£¸Ã¹«Ë¾ÔÚÒ»·ÝÉêÃ÷ÖаµÊ¾ £¬ÆäÔ⵽δ֪ºÚ¿ÍµÄÍøÂç¹¥»÷ £¬·þÎñ¿ÉÄÜ»áÖжÏ¡£Ä¿Ç° £¬ËûÃÇÔÚ¶Ô´ËʽøÐе÷²é £¬²¢ÊÔͼ¸´Ô­ÆäIT»ù´¡¼Ü¹¹µÄÖ°ÄÜʱ¡£Ôڴ˹ý¶ÉÆÚ¼ä £¬¸Ã¹«Ë¾»¹ÌṩÁ˺ܶà´úÌæÁ÷³Ì £¬ÒÔ×î´óˮƽµØÏ÷¼õ¹¥»÷¶Ô¿Í»§µÄÓ°Ï졣Ŀǰ £¬Éв»ÖªÂ·PPSÔâµ½µÄ¹¥»÷ÀàÐÍ £¬ÒÔ¼°¿ÉÄÜй¶ÐÅÏ¢µÄÁìÓò¡£


Ô­ÎÄÁ´½Ó£º

https://mybroadband.co.za/news/security/389402-pps-hit-by-cyber-attack.html    


5.Unit42°ä²¼ÓйØDearCryÀÕË÷Èí¼þµÄ·ÖÎö»ã±¨


5.jpg


Unit42°ä²¼ÁËÓйØDearCryÀÕË÷Èí¼þµÄ·ÖÎö»ã±¨¡£DearCryÊÇÒ»¸öеÄÀÕË÷Èí¼þ±äÖÖ £¬¹ØÓÚËüµÄ±¨Â·×îÔç³Ê´Ë¿Ì2021Äê3ÔÂ9ÈÕ £¬Äܹ»ÀûÓÃMicrosoft Exchange·þÎñÆ÷µÄProxyLogon·ì϶½øÐй¥»÷¡£¹¥»÷Ö¸±êÔ̺¬ÃÀ¹ú¡¢¼ÓÄôóºÍ°Ä´óÀûÑǵȹú¶È¡£´Ë±í £¬¸Ã»ã±¨»¹¼Í¼ÁËDearCryʹÓõÄÓйØÕ½ÊõÒÔ¼°¼¼ÊõºÍ¹ý³Ì£¨TTP£© £¬²¢Îª¿Í»§ÈôºÎÕýÈ·ÅäÖÃËûÃǵÄÉ豸ÌṩÁ˽¨Òé¡£


Ô­ÎÄÁ´½Ó£º

https://unit42.paloaltonetworks.com/dearcry-ransomware/


6.Check Point°ä²¼ÓйØExchange¹¥»÷ÊÂÎñµÄ·ÖÎö»ã±¨


6.jpg


Check Point°ä²¼ÁËÓйØExchange¹¥»÷ÊÂÎñµÄ·ÖÎö»ã±¨¡£Ôڸû㱨ÖÐ £¬Check Point Research£¨CPR£©Åû¶ÁËÆäÔÚÈ«ÇòÁìÓòÄÚ×·×ٵij¢ÊÔÀûÓô˷ì϶µÄ×éÖ¯µÄ×îÐÂÁ˾Ö¡£CPR·¢ÏÖÈ«ÇòÒѺ±¼û°Ù´ÎµÄÀûÓó¢ÊÔ £»½öÔÚ´ÓǰµÄ72¸öÓ×ʱÖÐ £¬³¢ÊÔÀûÓõĴÎÊý¾Í·­ÁË6±¶ÒÔÉÏ £»¹¥»÷µÄ´ÎÊýÀۼƳ¬¹ý4800´Î £¬Éæ¼°È«¹úÊý°Ù¸ö×éÖ¯ £»Ôâ·ê¹¥»÷×î¶àµÄ¹ú¶ÈÊÇÃÀ¹ú£¨Õ¼±È21£¥£© £¬Æä´ÎÊǺÉÀ¼£¨12£¥£©ºÍÍÁ¶úÆä£¨12£¥£© £»ÊÜÓ°Ïì×î´óµÄ²¿ÃÅÊǵ±¾ÖºÍ¾ü·½£¨Õ¼±È27£¥£© £¬Æä´ÎÊÇÔì×÷Òµ£¨22£¥£©ºÍÈí¼þ¹©¸øÉÌ£¨9£¥£©¡£


Ô­ÎÄÁ´½Ó£º

https://blog.checkpoint.com/2021/03/11/exploits-on-organizations-worldwide/