Å·ÃË³ÆÆä¶à¸ö»ú¹¹ÔÚÉÏÖÜÔâµ½¹¥»÷£¬ÊÂÎñÈÔÔÚµ÷²éÖУ»ºÚ¿ÍÔÚ°µÍøÏúÊÛÊýǧ¼ÒÉ̵êµÄ¼ÛÖµ3800ÍòÃÀÔªµÄÀñÎ│

°ä²¼¹¦·ò 2021-04-08

1.Å·ÃË³ÆÆä¶à¸ö»ú¹¹ÔÚÉÏÖÜÔâµ½¹¥»÷£¬ÊÂÎñÈÔÔÚµ÷²éÖÐ


1.jpg


Å·ÃËίԱ»á½²»°È˳Æ£¬Ô̺¬Î¯Ô±»áÔÚÄڵĶà¸öÅ·ÃË×éÖ¯ÔÚÉÏÖÜÔâµ½ÁËÍøÂç¹¥»÷ ¡£´Ë¿Ì¶Ô¸ÃÊÂÎñµÄȡ֤·ÖÎöÈÔ´¦ÓÚ³õÆÚ½×¶Î£¬ÉÐδ¼ì²âµ½´æÔÚÐÅϢй¶ÎÊÌâ ¡£Åí²©É簵ʾ£¬Õâ´ÎÊÂÎñ±ÈÅ·ÃËÒÔÍùÔâµ½µÄ¹¥»÷¸üΪÑϳÁ£¬Å·ÃËij¹ÙÔ±»¹Ð¹Â©£¬Æä¹¤×÷ÈËÔ±½üÆÚÊÕµ½ÁËÓйØÕë¶ÔÅ·Ã˵Ĵ¹µö¹¥»÷Ô¤¾¯ ¡£Ä¿Ç°£¬Å·ÃËÈÔδ¹«¿ªÓйØÕâ´ÎÊÂÎñµÄÐÔÖÊ»òÆä±³ºóµÄ¹¥»÷ÕßÉí·ÝµÄÐÅÏ¢ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bloomberg.com/news/articles/2021-04-06/european-institutions-were-targeted-in-a-cyber-attack-last-week


2.Cisco°²È«¸üУ¬½¨¸´SD-WAN vManageÖеÄRCE·ì϶


2.jpg


Cisco°ä²¼°²È«¸üУ¬½¨¸´SD-WAN vManageÈí¼þµÄÔ¶³ÌÖÎÀí×é¼þÖеÄÔ¶³Ì´úÂëÖ´ÐУ¨RCE£©·ì϶ ¡£¸Ã·ì϶±»×·×ÙΪCVE-2021-1479£¬ÑϳÁÐԵ÷ÖΪ9.8 £¬³É¹¦µÄÀûÓóɹ¦ÀûÓø÷ì϶Äܹ»rootȨÏÞÔڵײã²Ù×÷ϵͳÉÏÖ´ÐÐËÁÒâ´úÂë ¡£Õâ´Î¸üл¹½¨¸´Á˸òúÆ·µÄÓû§ÖÎÀíÖ°ÄܺÍϵͳÎļþ´«ÊäÖ°ÄÜÖеÄ2¸öÌáȨ·ì϶£¨CVE-2021-1137ºÍCVE-2021-1480£© ¡£´Ë±í£¬Cisco»¹Åû¶ÁËÓׯóҵ·ÓÉÆ÷ÖеÄRCE·ì϶(CVE-2021-1459)£¬µ«ÓÉÓÚÕâЩÉ豸ÒÑÖÁEOL£¬Òò¶ø²¢Î´°ä²¼Óйز¹¶¡ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/cisco-fixes-bug-allowing-remote-code-execution-with-root-privileges/


3.ºÚ¿ÍÔÚ°µÍøÏúÊÛÊýǧ¼ÒÉ̵êµÄ¼ÛÖµ3800ÍòÃÀÔªµÄÀñÎ│


3.jpg


¶íÂÞ˹ºÚ¿ÍÔÚ°µÍøÉÏÏúÊÛÀ´×Ô3010¼Ò¹«Ë¾½ü900000ÕÅÀñÎ│£¬×ܼÛÖµ¹À¼ÆÎª3800ÍòÃÀÔª£¬Éæ¼°Airbnb¡¢ÑÇÂíÑ·¡¢ÍòºÀ¾Æµê¡¢ÄͿˣ¬SubwayºÍÎÖ¶ûÂêµÈÉ̵ê ¡£×îÖÕ£¬Âô¼ÒÒÔ20000ÃÀÔªµÄ¼ÛÖµÂô³öÁËÕâЩÀñÎ│£¬Gemini Advisory°µÊ¾£¬ÀñÎ│µÄÊÛ¼Ûͨ³£ÎªÆä¼ÛÖµµÄ10£¥£¬µ«Õâ´ÎµÄÊÛ¼ÛÖ»ÓÐԼΪ0.05£¥ ¡£ÔÚÏúÊÛÀñÎ│µÄµÚ¶þÌ죬¸ÃºÚ¿ÍÓÖÒÔ15000ÃÀÔªµÄ¼ÛÖµÏúÊÛÁË330000ÕÅÐÅÓþ¿¨µÄÊý¾Ý£¬Ô̺¬Õʵ¥µØÖ·¡¢¿¨ºÅ¡¢ÓÐЧÆÚºÍ·¢¿¨ÐÐÃû³ÆµÈÐÅÏ¢ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/hacker-sells-38m-worth-of-gift-cards-from-thousands-of-shops/


4.°®¶ûÀ¼¹úÁ¢Ñ§ÔººÍ¶¼°ØÁÖÀí¹¤´óѧ³ÆÆäITϵͳÔâµ½ÀÕË÷¹¥»÷


4.jpg


°®¶ûÀ¼¹úÁ¢Ñ§Ôº£¨NCI£©ºÍ¶¼°ØÁֿƼ¼´óѧ°ä·¢£¬ÆäITϵͳÔâµ½ÀÕË÷¹¥»÷ ¡£NCIÔÚ4ÔÂ3ÈÕÔâµ½¹¥»÷£¬ÆäITϵͳ±»ÆÈ¹Ø¹Ø£¬µ¼ÖÂMoodle¡¢Í¼Êé¹Ý·þÎñºÍѧÉúµÄMyDetailsµÈ·þÎñÖжÏ£¬4ÔÂ6ÈÕÖÁ8ÈÕµÄËùÓпγ̡¢ÆÀ¹ÀºÍÈëÖ°Åàѵ¶¼ÒÑÍÆ³Ù ¡£¶¼°ØÁÖ¹¤Òµ´óѧ£¨TU Dublin£©ÔÚÖÜËÄÔçÉÏÔâµ½ÀÕË÷Èí¼þ¹¥»÷£¬Ñ§ÌÃITϵͳºÍÊý¾Ý±¸·ÝÊܵ½Ó°Ï죬¸ÃУ°µÊ¾Ä¿Ç°ÈÔ´¦ÓÚµ÷²éµÄ³õÆÚ½×¶Î£¬»¹ÒªÒÞÒµÉú±ÉÈËÖÜÒ»£¨4ÔÂ12ÈÕ£©Ö®Ç°²»ÒªÊ¹ÓÃÈκÎУ԰ITϵͳ ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/ransomware-hits-tu-dublin-and-national-college-of-ireland/


5.ESETÅû¶Õë¶ÔÀ­¶¡ÃÀÖÞµØÓòÓû§µÄÐÂÒøÐÐľÂíJaneleiro


5.jpg


ESETµÄ×êÑÐÈËÔ±Åû¶ÁËÕë¶ÔÀ­¶¡ÃÀÖÞµØÓòÓû§µÄÐÂÐÍÒøÐÐľÂíJaneleiro ¡£¸ÃľÂíÖÁÉÙ´Ó2019ÄêÒÔÀ´¾ÍÆðÍ·Õë¶Ô°ÍÎ÷µÄÆóÒµ£¬Éæ¼°¹¤³Ì¡¢Ò½ÁƱ£½¡¡¢ÁãÊÛ¡¢Ôì×÷Òµ¡¢½ðÈÚ¡¢ÔËÊäºÍµ±¾ÖµÈ¸÷¸öÁìÓò ¡£Janeleiroͨ¹ýαÔì´óÐÍÒøÐÐÍøÕ¾£¨SantanderºÍBanco do BrasilµÈ£©µÄµ¯´°À´ÒýÓÕÖ¸±ê£¬ÕâЩµ¯´°Ô̺¬ÐéαµÄ±í¸ñÀ´ÓÕʹָ±êÊäÈëÒøÐÐÆ¾Ö¤ºÍÓ×ÎÒÐÅÏ¢ ¡£´Ë±í£¬JaneleiroÊÇÓÉVisual Basic .NET±àдµÄ£¬ÕâÓë¸ÃµØÓòµÄºÚ¿ÍËùϲ»¶µÄDelphiÓкܴóµÄ³öÈë ¡£    


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2021/04/experts-uncover-new-banking-trojan.html


6.Intel 471ÍŶӳƶ¥¼¶ºÚ¿ÍÍÅ»ïÆ«ÐÄEtterSilentÌìÉúÆ÷


6.jpg


Intel 471×êÑÐÍŶӳƶ¥¼¶ºÚ¿ÍÍÅ»ïÆ«ÐÄEtterSilent¶ñÒâÎĵµÌìÉúÆ÷ ¡£ºÚ¿Í´Ó2020ÄêÆðÍ·ÔÚ°µÍø°ä²¼ÓйØEtterSilentµÄ¸æ°×£¬³ÆÆä¿ÉÈÆ¹ýWindows Defender¡¢Windows AMSI·´¶ñÒâÈí¼þɨÃè½çÃæºÍÊ¢Ðеĵç×ÓÓʼþ·þÎñ£¨Ô̺¬Gmail£©µÈ ¡£¸Ã¹¤¾ß¿ÉÌṩÁ½ÀàÐ͵ĶñÒâÎĵµ£¨maldocs£©£¬ÆäÒ»ÊÇÀûÓÃMicrosoft OfficeÖеÄÒÑÖª·ì϶CVE-2017-8570¡¢CVE-2017-11882ºÍCVE-2018-0802µÈ£¬ÁíÒ»ÖÖÊÇʹÓöñÒâºê ¡£


Ô­ÎÄÁ´½Ó£º

https://intel471.com/blog/ettersilent-maldoc-builder-macro-trickbot-qbot/