SNIcat¼¼Êõ¿ÉÈÆ¹ýCisco¶à¿î°²È«É豸µÄÁ÷Á¿¼à²â £»Volexity·¢ÏÖ½üÆÚ³¯ÏÊInkySquidÕë¶Ôº«¹úµÄ¹¥»÷»î¶¯

°ä²¼¹¦·ò 2021-08-20

SNIcat¼¼Êõ¿ÉÈÆ¹ýCisco¶à¿î°²È«É豸µÄÁ÷Á¿¼à²â


SNIcat¼¼Êõ¿ÉÈÆ¹ýCisco¶à¿î°²È«É豸µÄÁ÷Á¿¼à²â.png


8ÔÂ18ÈÕ £¬Cisco³ÉΪ¼ÌF5 Networks¡¢FortinetºÍPalo Alto NetworksÖ®ºóµÚ4¼ÒÕýʽÈÏ¿ÉSNIcat¿ÉÈÆ¹ýÆä°²È«É豸Á÷Á¿¼à²âµÄÍøÂ簲ȫ¹©¸øÉÌ¡£SNIcatÊÇŲÍþ°²È«¹«Ë¾mnemonicÓÚ2020Äê8Ô·¢ÏÖµÄÒ»ÖÖÊý¾Ýй¶¼¼Êõ¡£Ä¿Ç° £¬Êܵ½Ó°ÏìµÄÉ豸Ô̺¬ÔËÐÐÁËFTD£¨FirepowerÍþв·ÀÓù£©µÄCisco·À»ðǽ¡¢ÔËÐÐÁËWSA£¨ÍøÂ簲ȫÉ豸£©Ä£¿éµÄÉ豸ÒÔ¼°ËùÓÐISA3000£¨¹¤Òµ°²È«É豸£©·À»ðǽ¡£CiscoÔ¤¼ÆÔÚ²»¾Ãºó½«»á°ä²¼²¹¶¡ºÍ¼ì²â¹æ¶¨¡£


Ô­ÎÄÁ´½Ó£º


https://therecord.media/cisco-security-devices-are-vulnerable-to-snicat-data-exfiltration-technique/


BlackBerry QNXÖдæÔÚBadAlloc·ì϶ӰÏìÊý°ÙÍòÉ豸.jpg


BlackBerry QNXÖдæÔÚBadAlloc·ì϶ӰÏìÊý°ÙÍòÉ豸


CISAºÍBlackBerry±¾ÖܶþÔÚ°ä²¼¾¯±¨³Æ £¬¹¥»÷ÕßÄܹ»ÀûÓúÚÝ®QNX²Ù×÷ϵͳÉϵÄBadAlloc·ì϶ÊÕÊÜÉ豸»òÌáÒ黨¾ø·þÎñ¹¥»÷¡£¸Ã·ì϶ÊÇCÔËÐÐʱ¿âµÄcalloc()º¯ÊýÖеÄÕûÊýÒç¶Âí½Å £¬×·×ÙΪCVE-2021-22156 £¬ÊÇͳ³ÆÎªBadAllocµÄ25¸ö·ì϶֮һ £¬CVSSÆÀ·ÖΪ9.0 £¬×î³õÓÉ΢ÈíÓÚ2021Äê4ÔÂÅû¶¡£PoliticoÔÚÁíÒ»·Ý»ã±¨ÖÐй© £¬BlackBerry»Ø¾øÔÚ4ÔÂÏÂÑ®°ä²¼BadAlloc·ì϶ £¬¶øÊÇ´òËã°µÀïÁªÏµ¿Í»§²¢Í¨ÖªËûÃǸ÷ì϶¡£


Ô­ÎÄÁ´½Ó£º

https://thehackernews.com/2021/08/badalloc-flaw-affects-blackberry-qnx.html


Volexity·¢ÏÖ½üÆÚ³¯ÏÊInkySquidÕë¶Ôº«¹úµÄ¹¥»÷»î¶¯.png


Volexity·¢ÏÖ½üÆÚ³¯ÏÊInkySquidÕë¶Ôº«¹úµÄ¹¥»÷»î¶¯


°²È«¹«Ë¾Volexity·¢ÏÖ³¯ÏÊAPTÍÅ»ïInkySquid£¨ÓÖ³ÆAPT37£©Õë¶Ôº«¹úµÄ¹¥»÷»î¶¯¡£APT37´Ó2012ÄêÆðÍ·»îÔ¾ £¬ÖØÒªÕë¶Ôº«¹úÈ·µ±¾Ö¡¢¹ú·À¡¢¾ü¶ÓºÍýÌå×éÖ¯¡£Õâ´Î»î¶¯´Ó2021Äê3ÔÂÏÂÑ®ÖÁ2021Äê6ÔÂÆðÍ· £¬¹¥»÷ÕßʹÓÃÁËInternet ExplorerÖеÄ2¸ö·ì϶£¨CVE-2020-1380ºÍCVE-2021-26411£© £¬¹¥»÷º«¹úDaily NK±¨Ö½µÄÍøÕ¾www. Dailynk[.]com²¢ÍйܶñÒâÈí¼þ¡£


Ô­ÎÄÁ´½Ó£º


https://securityaffairs.co/wordpress/121262/apt/inkysquid-apt-ie-exploirs.html

ÈÕ±¾±£ÏÕ¹«Ë¾Tokio MarineÐÂ¼ÓÆÂ·Ö¹«Ë¾Ôâµ½ÀÕË÷¹¥»÷.png


ÈÕ±¾±£ÏÕ¹«Ë¾Tokio MarineÐÂ¼ÓÆÂ·Ö¹«Ë¾Ôâµ½ÀÕË÷¹¥»÷


ÈÕ±¾¿ç¹ú±£ÏÕ¹«Ë¾Tokio Marine HoldingsÓÚ±¾Öܰ䷢ £¬ÆäÐÂ¼ÓÆÂ·Ö¹«Ë¾Tokio Marine Insurance Singapore(TMiS)Ôâµ½ÁËÀÕË÷Èí¼þ¹¥»÷¡£Ä¿Ç°Éв»Ã÷ÏÔ¹¥»÷ºÎʱ²úÉúµÄÒÔ¼°ÆäÔì³ÉµÄÇÖº¦ £¬µ«TMiSÔÚ¼ì²âµ½ºóµ±¼´¹Ø¹ØÁËÍøÂ粢֪ͨÁ˱¾µØµ±¾Ö £¬Ã»Óпͻ§»ò»úÃÜÐÅϢй¶¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/japanese-insurer-tokio-marine-discloses-ransomware-attack/


IBM³Æ×îÐÂ×êÑÐÅú×¢ÀÕË÷Èí¼þDiavolÓëTrickBotÓйØ.jpg


IBM³Æ×îÐÂ×êÑÐÅú×¢ÀÕË÷Èí¼þDiavolÓëTrickBotÓйØ


IBM X-ForceÓÚ2021Äê8ÔÂ17ÈÕ°ä²¼×îÐÂ×êÑÐ £¬Åú×¢ÀÕË÷Èí¼þDiavolÓëTrickBotÓйØ¡£Ö®Ç° £¬FortinetÔøÔÚ7Ô³õÖ¸³öDiavolºÍContiÓйØ £¬ËüÃÇʹÓÃÁËÒ»ÑùµÄºÅÁîÐвÎÊýÖ´Ðи÷À๤×÷¡£¶øIBMµÄ×êÑÐÈËÔ±²é¿´ÁË2021Äê1ÔÂ27ÈÕÌá½»µ½Virus TotalµÄ½Ï¾ÉµÄÑù±¾£¨±àÒëÈÕÆÚΪ2020Äê3ÔÂ5ÈÕ£© £¬·¢ÏÖDiavolÌìÉúµÄBot IDÌåʽÓëTrickBotÌìÉúµÄÌåʽÏÕЩһÑù £¬²¢ÇÒÆäC2µÄHTTPÍ·ÉèÖÃΪ¡°¸üϲ»¶¶íÓïÄÚÈÝ¡± £¬ÕâÒ²ÓëTrickBotÒ»Ñù¡£


Ô­ÎÄÁ´½Ó£º


https://www.bleepingcomputer.com/news/security/diavol-ransomware-sample-shows-stronger-connection-to-trickbot-gang/

Check Point°ä²¼2021Äê7Ô½ÌÓýÐÐÒµÍþÐ²Ì¬ÊÆµÄ»ã±¨.jpg


Check Point°ä²¼2021Äê7Ô½ÌÓýÐÐÒµÍþÐ²Ì¬ÊÆµÄ»ã±¨


Check Point°ä²¼ÁË2021Äê7Ô½ÌÓýºÍ¿ÆÑÐÐÐÒµÍþÐ²Ì¬ÊÆµÄ·ÖÎö»ã±¨¡£»ã±¨Ö¸³ö £¬ÔÚ2021Äê7Ô £¬½ÌÓýºÍ¿ÆÑÐÐÐÒµÊÇÔâµ½¹¥»÷×î¶àµÄÐÐÒµ £¬Ã¿¸ö×é֯ÿÖܾùÔÈÔâµ½1739´Î¹¥»÷ £¬±È2021ÄêÉϰëÄêÔö³¤ÁË29%¡£½ñÄê7Ô £¬Ó¡¶È¸ÃÐÐÒµµÄ×éÖ¯Ôâµ½µÄ¹¥»÷×î¶à £¬Ã¿¸ö×éÖ¯¾ùÔÈÿÖÜ5196´Î¹¥»÷ £¬±È2021ÄêH1Ôö³¤ÁË22% £¬Æä´ÎΪÒâ´óÀû£¨5016´Î¹¥»÷ £¬Ôö³¤70%£©ºÍÒÔÉ«ÁУ¨4011´Î £¬Ôö³¤51%£©¡£


Ô­ÎÄÁ´½Ó£º

https://blog.checkpoint.com/2021/08/18/check-point-research-education-sector-sees-29-increase-in-attacks-against-organizations-globally/