EverestÀÕË÷Èí¼þÍŶÓй¶PPMG»¼ÕßÃô¸ÐÐÅÏ¢

°ä²¼¹¦·ò 2024-11-26

1. EverestÀÕË÷Èí¼þÍŶÓй¶PPMG»¼ÕßÃô¸ÐÐÅÏ¢


11ÔÂ23ÈÕ £¬¼ÓÀû¸£ÄáÑÇÖݵÄÉýƽÑó·Î²¿Ò½ÁƼ¯ÍÅ(PPMG)Ôâ·êÁËÑϳÁµÄÊý¾Ýй¶ÊÂÎñ¡£10ÔÂ25ÈÕ £¬EverestÀÕË÷Èí¼þÍŶÓÔÚ°µÍøÉϰ䲼ÁËPPMGµÄ»¼ÕßÐÅÏ¢ £¬Ô̺¬2021ÖÁ2024ÄêµÄδ¼ÓÃÜÓ×ÎÒºÍÊܱ£»¤½¡È«ÐÅÏ¢¡£Ð¹Â¶µÄÊý¾ÝÒÔ150¶à¸öͼÏñÎļþºÍ¶à¸ö.csvÎļþµÄ´ó¾Ö´æÔÚ £¬Í¼ÏñÎļþÖØÒªÕ¹Ê¾»¼ÕßµÄÖ÷´Î±£ÏÕ¿¨¼°²¿ÃżÝÕÕÐÅÏ¢ £¬¶ø.csvÎļþÔòº­¸ÇÁËÁ½ÖÜÄڵϼÕß¾ÍÕï¼Í¼ £¬Ô̺¬ÐÕÃû¡¢µØÖ·¡¢µç»°ºÅÂë¡¢Éç»á°²È«ºÅÂë¡¢µ®ÉúÈÕÆÚ¡¢µç×ÓÓʼþµØÖ·¡¢½¡È«ÐÅÏ¢¼°Õ˵¥ÏêÇéµÈÃô¸ÐÄÚÈÝ¡£×îÐÂÒ»ÅúÊý¾Ý½ØÖÁ10ÔÂ4ÈÕ £¬Ã¿Á½ÖܵÄ.csvÎļþ¼Í¼×Å300µ½500Ãû»¼ÕߵľÍÕïÇé¿ö¡£È»¶ø £¬Ö±ÖÁÐÅÏ¢°ä²¼Ê± £¬PPMGÍøÕ¾¼°ÃÀ¹úÎÀÉúÓ빫¹²·þÎñ²¿(HHS)µÄ¹«¹²Î¥¹æ¹¤¾ßÉϾùδ°ä²¼ÓйØÍ¨Öª¡£DataBreachesÒÑÏòPPMGºÍEverest·¢ËÍѯÎÊ £¬µ«ÉÐδÊÕµ½»Ø¸´¡£


https://databreaches.net/2024/11/23/pacific-pulmonary-medical-group-patient-information-dumped-by-everest-ransomware-team/


2. ³¬¹ý2000̨Palo Alto NetworksÉ豸ÔâºÚ¿ÍÈëÇÖ


11ÔÂ21ÈÕ £¬Palo Alto Networks »ã±¨³ÆÆä¶à´ï2000̨É豸¿ÉÄÜÒÑÔâµ½ÀûÓÃÐÂÅû¶°²È«·ì϶µÄ¹¥»÷¡£¾ÝShadowserver»ù½ð»áͳ¼Æ £¬ÃÀ¹ú£¨554Àý£©ºÍÓ¡¶È£¨461Àý£©µÄϰȾ²¡Àý×î¶à £¬ÆäËûÊÜÓ°Ïì¹ú¶ÈÔ̺¬Ì©¹ú¡¢Ä«Î÷¸ç¡¢Ó¡¶ÈÄáÎ÷ÑÇ¡¢ÍÁ¶úÆä¡¢Ó¢¹ú¡¢ÃØÂ³ºÍÄÏ·Ç¡£CensysÔò·¢ÏÖ13,324¸ö¹«¿ªÂ¶³öµÄÏÂÒ»´ú·À»ðǽ£¨NGFW£©ÖÎÀí½Ó¿Ú £¬ÆäÖÐ34%λÓÚÃÀ¹ú £¬µ«²¢·ÇËùÓж³öµÄÖ÷»ú¶¼´æÔÚ·ì϶¡£Éæ¼°µÄ°²È«·ì϶Ô̺¬CVE-2024-0012£¨CVSS·ÖÊý9.3£©ºÍCVE-2024-9474£¨CVSS·ÖÊý6.9£© £¬ËüÃÇ¿ÉÄܵ¼ÖÂÉí·ÝÑéÖ¤ÈÆ¹ýºÍȨÏÞÌáÉý £¬Ê¹¹¥»÷ÕßÄÜÖ´ÐжñÒâ²Ù×÷¡£Palo Alto NetworksÕý×·×Ù´úºÅΪOperation Lunar PeekµÄ·ì϶ÀûÓÃÇé¿ö £¬²¢ÖÒ¸æ³ÆÕâЩ·ì϶Òѱ»±øÆ÷»¯ £¬¿ÉÄÜÒý·¢¸ü¿í·ºµÄÍþв»î¶¯¡£¸Ã¹«Ë¾Òѹ۲ìµÃÊÖ¶¯ºÍ×Ô¶¯É¨Ãè»î¶¯ £¬²¢¶½´ÙÓû§¾¡¿ìÀûÓý¨¸´·¨Ê½ £¬ÏÞ¶ÈÖÎÀí½çÃæ½Ó¼û £¬ÒÔÔ¤·À±í²¿½Ó¼û¡£


https://thehackernews.com/2024/11/warning-over-2000-palo-alto-networks.html


3. Blue YonderÔâÀÕË÷Èí¼þ¹¥»÷ £¬¹©¸øÁ´·þÎñÖжÏÓ°Ïì¿í·º


11ÔÂ25ÈÕ £¬¹©¸øÁ´ÖÎÀí¹«Ë¾Blue Yonder£¨Ô­ÎªJDA Software£© £¬×÷ΪËÉϵÄ×Ó¹«Ë¾ £¬ÄêÊÕÈ볬10ÒÚÃÀÔª £¬Õ¼ÓÐ6000ÃûÔ±¹¤ £¬ÎªÔ̺¬DHL¡¢À×ŵ¡¢È¸³²¡¢ÌØÒ×¹º¡¢ÐǰͿ˵ȳÛÃûÆóÒµÔÚÄÚµÄ3000Ãû¿Í»§ÌṩÈËΪÖÇÄÜÇý¶¯µÄ¹©¸øÁ´½â¾ö¹æ»®¡£È»¶ø £¬¸Ã¹«Ë¾½üÆÚÔâ·êÁËÀÕË÷Èí¼þ¹¥»÷ £¬µ¼ÖÂÆäÍйܷþÎñÍйܻ·¾³³öÏÖÖжÏ £¬Ó°ÏìÁËÆä¿Í»§ £¬³ö¸ñÊÇÓ¢¹úµÄÔÓ»õµêÁ¬Ëøµê¡£Blue YonderÒÑÓë±í²¿ÍøÂ簲ȫ¹«Ë¾ºÏ×÷Ó¦¶Ô´ËÊÂÎñ £¬²¢Ö´ÐÐÁ˶àÏî·ÀÓùºÍȡ֤ºÍ̸ £¬µ«ÔÚÆä¹«¹²ÔÆ»·¾³ÖÐδ¼ì²âµ½¿ÉÒɻ¡£Ä¿Ç° £¬Blue YonderÈÔÔÚ´¦ÖöàÖÖ¸´Ô­Õ½Êõ £¬µ«ÉÐÎ´Ð¹Â©È«Ãæ¸´Ô­µÄ¾ßÌ幦·ò±í¡£ÊÜÓ°ÏìµÄ¿Í»§ £¬ÈçMorrisonsºÍSainsbury £¬ÒѲÉȡӦ¼±´ëÊ©À´¿Ë·þÕâÒ»ÖжÏ¡£½ØÖÁ×îÐÂÐÂÎÅ £¬Blue YonderÉÐδ°ä²¼ÓйØÇé¿öµÄ×îнøÕ¹ £¬´§Ä¦ÆäÍйܷþÎñ»·¾³ÒÀÈ»Êܵ½Ó°Ï졣Ŀǰ £¬ÉÐδÓÐÈκÎÀÕË÷Èí¼þÍÅ»ï°ä·¢¶ÔÕâ´Î¹¥»÷ÕÆ¹Ü¡£


https://www.bleepingcomputer.com/news/security/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain/


4. Meta³ÁÈ­½ø¹¥É±ÖíÚ¿Æ­ £¬¹Ø¹Ø200ÍòڲƭÕË»§


11ÔÂ24ÈÕ £¬×Ô½ñÄêËêÊ×ÒÔÀ´ £¬MetaÒÑ¹Ø¹ØÆäÆ½Ì¨ÉÏ200Íò¸öÓëɱÖíÚ¿Æ­ºÍÆäËûڲƭÐÐΪÓйصÄÕË»§ £¬ÕâЩÕË»§ÖØÒªÀ´×ÔÃåµé¡¢ÀÏÎΡ¢°¢ÁªÇõ¡¢·ÆÂɱöºÍ¼íÆÒÕ¯µÈÒÔ¡°Ú¿Æ­Å«Á¥¡±»î¶¯ÎÅÃûµÄ¹ú¶È¡£ÕâЩڿƭÖÐÐÄͨ¹ý°ä²¼ÐéαÕÐÆ¸ÐÅÏ¢ÒýÓÕÇóÖ°Õß £¬Ð²ÆÈËûÃÇ´ÓÊÂÍøÂçÚ¿Æ­ £¬²¢ÒÔÈËÉíÁèŰ×÷ΪÍþв¡£MetaÓëÕâЩ¹ú¶ÈµÄ·¨ÂÉ»ú¹¹ºÏ×÷ £¬·ÖÏíµý±¨ £¬½ø¹¥Ú¿Æ­ÐÐΪ¡£ÆäÖÐ £¬¡°É±Öí¡¹Ø©Æ­ÊÇÒ»ÖÔìÆ»µÐԵĽðÈÚͶ×ÊȦÌ× £¬ÒÀÀµÓڳ־ðѳֺ͸߼¶ºýŪ £¬Ö¸±êÓû§±é²¼È«Çò¡£¹ÌÈ»¿´ËÆÏÝÈëȦÌ×µÄÈËÊý²»¶à £¬µ«ÒѳÉΪÕâЩÓÐ×éÖ¯·¸×OÍŵľ޶îÊÕÈëÆðÔ´¡£Meta²ÉÈ¡ÁËһϵÁдëÊ© £¬Ô̺¬Ö´ÐÐΣÏÕ×éÖ¯ºÍÓ×ÎÒÕþ²ß¡¢ÀûÓÃÐÐΪºÍ¼¼ÊõÐźżø±ðºÍ×èÖ¹Ú¿Æ­ÓйØÕË»§ºÍ»ù´¡ÉèÊ©¡¢ÓëÈ«Çò·¨Âɲ¿ÃźÏ×÷¡¢Óë¿Æ¼¼¹«Ë¾ºÍ×éÖ¯ºÏ×÷¡¢ÌṩÓû§±£»¤Ö°Äܺͽ¨ÒéµÈ £¬ÒÔ¼ì²âºÍ×èÖ¹ÕâЩȦÌ× £¬±£»¤Óû§ÃâÊÜڲƭ¡£MetaÌáÐÑÓû§ÉóÉ÷¶Ô´ýδ¾­ÒªÇóµÄͨѶ £¬Ô¤·ÀÔÚÉ罻ýÌåºÍͨѶƽ̨ÉϽèÇ®»ò²ÎÓë¿ÉÒÉͶ×Ê´òËã¡£


https://www.bleepingcomputer.com/news/security/meta-removes-over-2-million-accounts-pushing-pig-butchering-scams/


5. Ì©¹ú¾¯·½ÆÆ»ñ´ó¹æÄ£¶ÌÐÅ´¹µöÚ¿Æ­°¸ £¬¿ÛÁô»õ³µË¾»ú


11ÔÂ24ÈÕ £¬Ì©¹ú¾¯·½³É¹¦ÆÆ»ñһ·´ó¹æÄ£¶ÌÐÅÚ¿Æ­°¸ £¬¿ÛÁôÁË»õ³µË¾»ú¡£¸Ã»õ³µÉ豸Á˶ÌÐÅ·¢ÉäÆ÷ £¬¿ÉÄÜÔÚ3¹«ÀïÁìÓòÄÚÿÓ×ʱ·¢ËÍ10ÍòÌõ´¹µö¶ÌÐÅ¡£Ú¿Æ­¶ÌÐÅÐû³ÆÓû§µÄ»ý·Ö¼´½«¹ýÆÚ £¬ÒýÓÕËûÃǵã»÷Ô̺¬¡°aisthailand¡±×Ö·û´®µÄ´¹µöÍøÕ¾Á´½Ó £¬¸ÃÁ´½Ó¼Ù×°³ÉÌ©¹ú×î´óÒÆ¶¯µç»°ÔËÓªÉÌAISµÄ¹Ù·½ÍøÕ¾¡£Óû§Ò»µ©µã»÷Á´½Ó²¢ÊäÈëÐÅÓþ¿¨ÐÅÏ¢ £¬ÕâЩÐÅÏ¢¾Í»á±»·¢»¹¸øÚ¿Æ­ÍÅ»ï £¬ÓÃÓÚÔÚÆäËû¹ú¶È½øÐÐδ¾­ÊÚȨµÄÂòÂô¡£¾ÝϤ £¬¸ÃÚ¿Æ­ÍŻﲿÃųÉÔ±ÔÚÌ©¹ú £¬²¿ÃÅÔÚº£±í £¬Í¨¹ý¸öÈËTelegramƵ·Эµ÷Ðж¯¡£ÔÚÈýÌìÄÚ £¬¸ÃÍÅ»ïÏòÂü¹È¾ÓÃñ·¢ËÍÁ˽üÒ»°ÙÍòÌõÚ¿Æ­¶ÌÐÅ¡£¾¯·½ÔÚ×·²¶ÖÁÉÙÁí±íÁ½ÃûÍÅ»ï³ÉÔ± £¬²¢µÃµ½ÁËAISµÄЭÖú¶¨Î»¶ÌÐÅ·¢ÉäÆ÷¡£Ö»¹ÜÍøÂç´¹µöÐÅÏ¢µÄ³É¹¦ÂÊÒò¹«¼ÒÒâʶÌá¸ß¶ø½µµÍ £¬µ«ÔÚÈ˶¡Ãܼ¯µØÓòÒԸ߿촫²¼Ê± £¬ÈÔÄÜΪ·¸×ïÕß´øÀ´¿É¹ÛÊÕÒæ¡£


https://www.bleepingcomputer.com/news/security/bangkok-busts-sms-blaster-sending-1-million-scam-texts-from-a-van/


6. ΢Èí¶àÏîÖ÷Ìâ·þÎñÔâ·êÈ«ÇòÐÔ´ó¹æÄ£ÖжÏ


11ÔÂ25ÈÕ £¬Î¢ÈíµÄ¶àÏîÖ÷Ìâ·þÎñ £¬Ô̺¬Microsoft 365¡¢Exchange Online¡¢TeamsºÍOutlook £¬Ôâ·êÁËÈ«ÇòÐԵĴó¹æÄ£ÖжÏ £¬µ¼ÖÂÓû§ÔÚÉ罻ýÌåÉϷ׷׻㱨ÎÞ·¨·¢ËÍÓʼþ¡¢ÍøÕ¾±ÀÀ£¼°ÃýÎóÒ³ÃæµÈÎÊÌâ¡£ÔÚÁùÓ×ʱÄÚ £¬DowndetectorÒÑÊÕµ½Êýǧ·ÝÓû§»ã±¨ £¬ÊÜÓ°ÏìµÄÓû§»¹°µÊ¾ÔÚÏνÓOneDrive¡¢Purview¡¢CopilotµÈ·þÎñʱҲÓöµ½ÁË×è°­¡£Î¢ÈíËæºóÈÏ¿ÉÎÊÌâ´æÔÚ £¬²¢ÔÚÆ½Ì¨Éϰ䲼ÉêÃ÷³ÆÔڻعöÓйص÷»»²¢Ñ°ÕÒÆäËû»º½â´ëÊ© £¬Í¬Ê±ÁгöÁËÊÜÓ°ÏìµÄ·þÎñºÍʹÓó¡¾°¡£¹ÊÕϳÖÐø11¸öÓ×ʱºó £¬Î¢ÈíÑ¡ÔñÊÖ¶¯³ÁÆô·þÎñÆ÷ £¬²¢ÔÚÖÎÀíÖÐÐĵÄÊÂÎñ»ã±¨ÖÐÈ·ÈϸÃÖжÏ×èÖ¹Á˿ͻ§Í¨¹ý¶àÖÖ·½Ê½½Ó¼ûExchange Online¡£Í¬Ê± £¬Ò»Ð©¿Í»§ÔÚʹÓÃMicrosoft Fabric¡¢Microsoft BookingsºÍMicrosoft Defender for Office 365µÈ·þÎñʱҲÓöµ½ÁËÎÊÌ⡣΢Èí°µÊ¾ÒÑÆðÍ·²¿Ê𽨸´·¨Ê½ £¬²¢ÊÖ¶¯³ÁÆô²¿ÃŲ»½¡È«µÄ»úе £¬µ«Ö±µ½25ÈÕ12µã33·Ö£¨EST£© £¬²¿ÊðµÄ½¨¸´·¨Ê½ÉÐδµ¼ÖÂÆëÈ«µÄ·þÎñ¸´Ô­¡£18µã25·Ö£¨EST£© £¬Î¢Èí½øÒ»²½·ÖÏíÁËÊÂÎñÐÅÏ¢ £¬³Æ±äÂÒÊÇÓÉÒ»¸öµ¼Ö·þÎñÆ÷·ÓɳÁÊÔÒªÇó¼¤ÔöµÄ¸ü¸ÄÒýÆðµÄ £¬ÍŶÓÔÚ»ý¼«Ö´ÐкóÐøÐж¯ £¬²¢ÖÂÁ¦¸´Ô­È«ÊýÖ°ÄÜ¡£


https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-impacts-exchange-online-teams-sharepoint/