΢ÈíSharePoint¸ßΣ·ì϶ÔâÔÚÒ°ÀûÓÃ

°ä²¼¹¦·ò 2026-07-06
1. ΢ÈíSharePoint¸ßΣ·ì϶ÔâÔÚÒ°ÀûÓÃ


7ÔÂ2ÈÕ £¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©°ä²¼´¹Î£ÖÒ¸æ £¬¹¥»÷ÕßÒÑÆðÍ·»ý¼«ÀûÓÃ΢ÈíSharePointƽ̨ÖеÄÒ»¸ö¸ßΣԶ³Ì´úÂëÖ´Ðзì϶£¨±àºÅCVE-2026-45659£©¡£¸Ã·ì϶ԴÓÚ¶Ô²»ÊÜÐÅÀµÊý¾ÝµÄ·´ÐòÁл¯´¦ÖÃȱµã £¬ÔÊÐíÕ¼ÓÐ×îµÍȨÏ޵ľ­¹ýÉí·ÝÑéÖ¤µÄ¹¥»÷Õß £¬ÔÚÎÞÐèÓû§½»»¥µÄÇé¿öÏ £¬ÒԽϵ͵Ĺ¥»÷¸´ÔÓ¶ÈÔÚδ´ò²¹¶¡µÄSharePoint·þÎñÆ÷ÉÏÔ¶³ÌÖ´ÐÐËÁÒâ´úÂ롣΢ÈíÔÚ·ì϶²¼¸æÖÐÃ÷È·Ö¸³ö £¬Èκξ­¹ýÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¾ù¿É´¥·¢´Ë·ì϶ £¬ÎÞÐèÖÎÀíÔ±»ò¸ü¸ßȨÏÞ £¬ÇÒ¹¥»÷¿É¾­ÓÉÍøÂçÔ¶³ÌÌáÒé £¬ÉõÖÁͨ¹ý»¥ÁªÍøÖ±½ÓÖ´ÐÐ £¬·çÏÕÁìÓò¿í·º¡£Î¢ÈíÒÑÓÚ5ÔÂ21ÈÕ°ä²¼Õë¶ÔSharePoint Enterprise Server 2016¡¢SharePoint Server 2019¼°SharePoint Server¶©ÔİæµÄ°²È«¸üÐÂÒÔ½¨¸´¸ÃÎÊÌâ £¬²¢ÈϿɸÃCVE±àºÅÔøÔÚ5Ô°²È«¸üÐÂÖб»Òâ±íÒÅ©¡£»¥ÁªÍø°²È«¼à¿Ø»ú¹¹ShadowserverµÄ×·×ÙÊý¾ÝÏÔʾ £¬Ä¿Ç°È«ÇòÓг¬¹ý1Íǫ̀SharePoint·þÎñÆ÷¶³öÓÚ¹«Íø £¬µ«Éв»Ã÷ÏÔÆäÖÐÓм¸¶àÒѲ¿Êð²¹¶¡»ò²ÉÈ¡»º½â´ëÊ©ÕмܳÖÐø¹¥»÷¡£


https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/


2. ¹È¸èÁªÊÖFBI³Á´´NetNut½©Ê¬ÍøÂç


7ÔÂ2ÈÕ £¬¹È¸è°ä·¢ £¬ÒÑͨ¹ý¶Â½ØÓëNetNutºÅÁî½ÚÔì²Ù×÷ÓйصĹȸèÕË»§¼°·þÎñ £¬¶Ô¸ÃÈ«Çò¹æÄ£×î´óµÄסլ´úÀí½©Ê¬ÍøÂçÖ®Ò»Ôì³ÉÑϳÁ½ø¹¥¡£¾Ý¹È¸èÍþвµý±¨Ó××é¹À¼Æ £¬¸Ã½©Ê¬ÍøÂçÖÁÉÙϰȾÁËÈ«Çò200Íǫ̀¼ÒÓÃÉ豸 £¬º­¸ÇÖÇÄܵçÊÓ¡¢Á÷ýÌåºÐ×ӵȳ£¼û¼ÒÍ¥ÖÕ¶Ë¡£ÔÚÐж¯¹ý³ÌÖÐ £¬GTIG¹Û²ìµ½¶à´ï316¸ö·ÖÆçµÄÍþв¼¯Èº £¬Ô̺¬ÍøÂç·¸×OÍźͼäµý×éÖ¯ £¬ÀûÓøÃÍøÂ縲¸ÇÕæÊµIPµØÖ·²¢·¢ÆðÃÜÂëÅçÈ÷µÈ¹¥»÷»î¶¯¡£Õâ´Î½áºÏÐж¯ÓɹȸèÓëFBI¡¢Lumen Technologies¼°ÆäËûºÏ×÷ͬ°éЭִͬÐС£¹È¸è°µÊ¾ £¬ÒÑÏò·¨Âɲ¿ÃÅ¡¢Æ½Ì¨ÌṩÉ̼°×êÑлú¹¹¹²ÏíÁ˹ØÓÚNetNutÈí¼þ¿ª·¢¹¤¾ß°ü£¨SDK£©ºÍºó¶Ë»ù´¡ÉèÊ©µÄ¾ßÌå¼¼Êõµý±¨¡£NetNutסլ´úÀíÍøÂ磨Òà³Æ¡°Popa¡±£©Í¨¹ý½«Ïû·ÑÕß¼ÒÍ¥µÄͨ³£É豸ת»¯Îª³ö¿Ú½Úµã £¬Ê¹¹¥»÷Õß¿ÉÄܲɰìÕâЩIP×ÊÔ´À´ÒþÄä×ÔÉíÁ÷Á¿ÆðÔ´¡£ÔËÓªÉÌͨ³£½«¶ñÒâ´úÂëÖ²Èë¿´ËÆºÏ·¨µÄÀûÓ÷¨Ê½ £¬»òͨ¹ýԤװ¶ñÒâÈí¼þµÄ·Ç¹Ù·½ÁªÍøÉ豸ÇÖÈë¼ÒÓÃÖÕ¶Ë £¬¶øÓû§ÍùÍùÔÚ²»ÖªÇéµÄÇé¿öÏÂÏÂÔØÁËÔ̺¬°µ²Ø´úÀí´úÂëµÄÀûÓᣳýÁËÒÔ×ÔÓÐÆ·ÅÆÏúÊÛÍøÂç½Ó¼ûȨÏÞ £¬NetNut»¹ÔËÓª×ŹæÄ£ÖØ´óµÄ¾­ÏúÉÌ´òËã £¬ÔÊÐíµÚÈý·½¶ÔÆäÍøÂç½øÐаױ궨Ôì¡£


https://cybernews.com/news/google-fbi-disrupt-netnut-botnet-2-million-devices/


3. ÃÀ¹ú¹¤Òµ¾ÞÍ·UPSÔâChaosÀÕË÷Èí¼þ¹¥»÷


7ÔÂ2ÈÕ £¬¹¤Òµ·þÎñ¹«Ë¾Universal Plant Services£¨UPS£©½üÈÕ±»ÁÐÈë°µÍøChaosÀÕË÷Èí¼þÍÅ»ïµÄйÃÜÍøÕ¾ £¬³ÉΪ¸Ã×éÖ¯µÄ×îй¥»÷Ö¸±ê¡£Õâ¼Ò×ܲ¿Î»Óڵ¿ËÈøË¹ÖÝµÄÆóÒµÊDZ±ÃÀÐýתºÍÍù¸´Ê½É豸·þÎñÁìÓòÈ·µ±ÏÈÆóÒµ £¬ÎªÈ«ÃÀÔ¼700¼Ò¿Í»§Ìṩרҵ·þÎñ £¬ÄêÊÕÈë¸ß´ï6.15ÒÚÃÀÔª¡£¹¥»÷ÕßÐû³ÆÒÑÇÔÈ¡¸Ã¹«Ë¾´óÁ¿Ãô¸ÐÊý¾Ý £¬²¢ÒÔ´Ë×÷ΪÍþв°ä²¼¡°×îºóͨ뺡± £¬ÕâÊÇÀÕË÷Èí¼þÍÅ»ïµÄ³£¼û¼¿Á© £¬Ö¼ÔÚͨ¹ý¹«¿ªÐ¹Â¶Êܺ¦ÕßÊý¾ÝÀ´ÆÈʹÆäÖ§¸¶Êê½ð¡£¾Ý¹¥»÷Õß°ä²¼µÄÇåµ¥ £¬±»ÇÔÊý¾ÝÁìÓò¼«Îª¿í·º £¬º­¸ÇÁËÈ«ÃæÉó¼Æ»ã±¨¡¢Ë°ÎñÉ걨Îļþ£¨º¬ADPϵͳÊý¾Ý£©¡¢¹¤×ʵ¥ÐÅÏ¢¡¢ÒøÐÐÂòÂô¼Í¼¡¢ÏÖ½ðÖÎÀí»ã±¨µÈ²ÆÕþÖ÷ÌâÊý¾Ý £¬ÒÔ¼°Ô±¹¤µÄÉç»á°²È«ºÅÂë¡¢¼Òͥסַ¡¢µ®ÉúÈÕÆÚºÍ±£Ãܽ¡È«¼Í¼µÈ¸ß¶ÈÃô¸ÐµÄÓ×ÎÒÐÅÏ¢¡£´Ë±í £¬±»µÁÊý¾Ý»¹Ô̺¬¾ßÌå·Ö°üºÏͬ¡¢±£ÃܺÍ̸¡¢¿Í»§µµ°¸¡¢Ðí¿ÉÎļþ¡¢ÄÚ²¿»úе»ã±¨¡¢×¨ÓвɹºÊý¾Ý£¨Éæ¼°ÄÜÔ´·þÎñÆóÒµEthos Energy£©¡¢ÖÊÁ¿½ÚÔìºÍ̸ÒÔ¼°ÏîÄ¿Ìá°¸µÈÉæ¼°¹«Ë¾ÔËÓªºÍóÒ×»úÃܵĸ÷ÀàÎĵµ¡£½ØÖÁĿǰ £¬Universal Plant ServicesÉÐδ¾Í´Ëʹ«¿ª»ØÓ¦¡£


https://cybernews.com/universal-plant-services-chaos-ransomware/


4. ºÉÀ¼Avans´óѧPower BIÅäÖÃʧÎóÖÂÊý¾Ýй¶


7ÔÂ2ÈÕ £¬ºÉÀ¼AvansÀûÓÿƼ¼´óѧ½üÈÕÅû¶ÁËһ·ÑϳÁµÄÊý¾Ýй¶ÊÂÎñ £¬Éæ¼°¸ÃУÃûΪAMIGOµÄÖÎÀíµ±Ó÷¨Ê½¡£¸ÃÀûÓ÷¨Ê½»ùÓÚ΢ÈíPower BIƽ̨¹¹½¨ £¬ÖØÒªÓÃÓÚÖÎÀíÔ̺¬Ñ§ÉúÈëѧÂÊ¡¢ê¡Ñ§ÂʵȽÌÓýͳ¼ÆÐÅÏ¢µÄÊý¾Ý¼¯¡£ÊÂÎñÆðÒòÓÚ2025Äê6ÔÂ30ÈÕ΢Èí¶ÔÆäÔÆ»·¾³ÖÐÖ´ÐеÄÒ»ÏîÅäÖõ÷»» £¬¸Ãµ÷»»ÎÞÒâÖÐÔÊÐíÁËδ¾­ÊÚȨµÄÓû§¼ìË÷¿É×·Òäµ½¾ßÌåÓ×ÎÒµÄÃô¸ÐÊý¾Ý¡£È»¶ø £¬ÕâÒ»°²È«·ì϶ֱµ½½üÒ»ÄêºóµÄ2026Äê6ÔÂ8Èղű»¸ÃУһÃûÔ±¹¤·¢ÏÖ¡£·¢ÏÖºó £¬Avans´óѧµ±¼´²ÉÈ¡Á˲¹¾È´ëÊ© £¬²¢ÒÀÕÕºÉÀ¼Êý¾Ý±£»¤ÂÉÀýÏò¸Ã¹úÊý¾Ý±£»¤»ú¹¹Ìá½»ÁËÕýʽ»ã±¨¡£Ö»¹Ü¸ÃУÃ÷È·ÈÏ¿Éй¶µÄÐÅÏ¢ÊôÓÚÃô¸ÐÓ×ÎÒÊý¾Ý £¬µ«³öÓÚ¶ÔÊÜÓ°ÏìÕßÒþÖԵı£»¤ £¬Ð£·½»Ø¾ø¹«¿ª¾ßÌåÉæ¼°ÄÄЩÀàÐ͵ÄÊý¾Ý×ֶΡ£AvansÔÚרÃÅÉèÁ¢µÄÅûÂ¶Ò³ÃæÉϰµÊ¾ £¬ËùÓÐÓйص±ÊÂÈËÒÑÓÚ2026Äê6ÔÂ30ÈÕÊÕµ½Ç××ÔͶµÝµÄ֪ͨ £¬Ð£·½ÒÑÏòËûÃǾßÌå˵ÁËÈ»Éæ¼°µÄÓ×ÎÒÊý¾ÝÀàÐÍ¡£Ä¿Ç° £¬Ñ§ÌÃÒÑÆô¶¯ÄÚ²¿µ÷²é £¬°²È«×êÑÐÈËÔ±½«³Áµã̽Ë÷ΪºÎ¸Ã·ì϶´æÔÚÈç´Ë³¤¹¦·ò²Å±»·¢ÏÖ £¬½üÒ»ÄêµÄ¶³öÆÚ¶³ö³öѧÌÃÔÚÊý¾Ý¼à¿ØºÍ¹Ü¿Ø¹¤¾ß·½Ãæ´æÔÚµÄÑϳÁ²»¼° £¬×êÑÐÈËԱͬʱҲÔÚ×êÑÐÈôºÎ¸Ä½øÓйع¤¾ßÒÔÔ¤·ÀÀàËÆÊÂÎñ³ÁÑÝ¡£


https://cybernews.com/security/dutch-university-data-breach-microsoft-power-bi/


5. 2026ÊÀ½ç±­³É´¹µöµö¶ü £¬¶¨ÔìÓʼþ´«²¼Voidrift²¡¶¾


7ÔÂ2ÈÕ £¬ÍøÂ簲ȫ¹«Ë¾Cofense Intelligence½üÈÕÅû¶ £¬Ò»³¡ÝÓÈÆ2026ÄêFIFAÊÀ½ç±­·¢Õ¹µÄ»îÔ¾ÍøÂç´¹µö»î¶¯ÔÚÈ«ÇòÁìÓòÄÚÀ©É¢ £¬ÆäÖ÷ÕÅÊÇ´«²¼ÃûΪVoidriftµÄ¸´ÔÓ¶ñÒâÈí¼þ¡£¾Ý×êÑÐÈËÔ±·ÖÎö £¬¸ÃÚ¿Æ­»î¶¯Ê¼ÓÚÒ»·â¸ß¶È¶¨Ô컯µÄµç×ÓÓʼþ £¬ÓʼþÐû³ÆÍ¨¹ýαÔìµÄÓë¹ú¼Ê×ãÁª¼°Êܺ¦Õߵص㹫˾µÄºÏ×÷¹ØÏµ £¬ÏòÔ±¹¤Ìṩ¶À¼ÒÊÀ½ç±­ÁôÏëTÐô¡£ÎªÁìÈ¡Õâ¼þ¿´ËÆÓÕÈ˵ÄÀñÎï £¬ÊÕ¼þÈ˱»ÒªÇóÏÂÔØÒ»·Ý×¢²á±í¸ñ £¬È»¶øÏÖʵÏÂÔØ²¢×°ÖõÄÈ´ÊÇVoidrift¶ñÒâÈí¼þ £¬¹¥»÷Õß½è´Ë»ñµÃ¶ÔÊܺ¦Õ߯óÒµÍøÂçµÄ³õʼ½Ó¼ûȨÏÞ £¬½ø¶øÇÔȡҵÎñÊý¾Ý¡¢¼à¶½¹«Ë¾»î¶¯»òÈëÇÖÃô¸ÐµÄÆóÒµÕË»§¡£Õâ´Î¹¥»÷µÄΣÏÕÐÔÔÚÓÚÆä¸ß¶ÈµÄÕë¶ÔÐÔºÍÒñ±ÎÐÔ¡£Ã¿·â´¹µöÓʼþ¾ùƾ¾ÝÊÕ¼þÈ˵ÄÐÕÃû¼°ÆäËùÊô¹«Ë¾Á¿Éí¶¨Ôì £¬ÉõÖÁÁ¬Ðû´«Í¼Æ¬ÖеÄTÐô¶¼Ó¡ÓжÔÓ¦¹«Ë¾µÄ±êÖ¾ £¬Ê¹µÃÓʼþ¼«¾ß¹Æ»óÐÔ £¬Ô±¹¤ºÜÄѽ«ÆäÓëͨ³£µÄÓªÏúÍÆ¹ã·Ö±æ¸ôÀ´¡£¸üÁîÈËÓÇÓôµÄÊÇ £¬CofenseÈ·Èϸù¥»÷»î¶¯Òѳɹ¦ÈƹýÁËÈýÖÖ¿í·º²¿ÊðµÄ°²È«µç×ÓÓʼþÍø¹ØCisco IronPort¡¢Microsoft ATPºÍAbnormal Security £¬ÕâÒâζ×Å´«Í³µÄ×Ô¶¯»¯Óʼþ°²È«½ÚÔì´ëÊ©ÔÚÃæ¶Ô´ËÀ๥»÷ʱÆëȫʧЧ¡£


https://cybernews.com/security/hackers-fifa-world-cup-2026-football-voidrift-malware/


6. ARTokenƽ̨£ºÎ¢Èí365ÕË»§µÄÐÂÍþв


7ÔÂ3ÈÕ £¬Ë¼¿ÆTalosÍŶӽüÆÚ·¢ÏÖÁËÒ»¸öÃûΪ¡°ARToken¡±µÄÐÂÐÍÍøÂç´¹µö¼´·þÎñ£¨PhaaS£©Æ½Ì¨ £¬¸Ãƽ̨ÓëÏÈǰ¼Í¼µÄEvilTokens´¹µöϵͳ¸ß¶È¹ØÁª £¬Îª°²È«×êÑÐÈËÔ±½ÒʾÁ˵±Ç°Õë¶ÔMicrosoft 365»·¾³µÄ×îÏȽø¹¥»÷¹¤¾ß°ü¡£ÔÚ¶ÔÊÂÎñÏìÓ¦»î¶¯ÖÐÉæ¼°µÄ»ù´¡ÉèÊ©½øÐÐÉî¿Ìµ÷²éʱ £¬Talos¼ø±ð³öÒ»¸ö»ùÓÚReact¹¹½¨µÄ¡°ARToken Panel¡±ÖÎÀíÃæ°å £¬Æä¶³öÁ˳¬¹ý80¸öAPI¶Ëµã £¬Í¨¹ý¶Ô¿Í»§¶ËJavaScript´úÂëµÄÄæÏò¹¤³Ì £¬×êÑÐÈËÔ±·¢ÏÖ¸ÃÆ½Ì¨µÄÖ°ÄÜÔ¶³¬Í¨Àý´¹µö·þÎñ £¬Ëü²»½ö¿ÉÄÜÇÔÈ¡Microsoft 365Éí·ÝÑéÖ¤ÁîÅÆ £¬»¹ÄÜÀûÓÃÖ÷Ë¢ÐÂÁîÅÆ£¨PRT£©³ÉÁ¢Óƾû¯½Ó¼û £¬´Ó¶øÈ«Ãæ½ÚÔìÊܺ¦ÕßµÄOutlookÓÊÏä¡¢SharePointÕ¾µãºÍOneDriveÎļþ¡£¸Ãƽ̨µÄÖ÷Ìâ¹¥»÷»úÔìÒÀ¸½ÓÚ΢ÈíµÄOAuth 2.0É豸ÊÚȨÊÚÓèÁ÷³Ì £¬¼´¡°É豸´úÂë´¹µö¡± £¬Êܺ¦Õß±»ÓÕµ¼ÔÚ΢Èí¹Ù·½µÇÂ¼Ò³ÃæÊäÈëºÏ·¨É豸´úÂë £¬Ê¹µÃÈÏÖ¤ÁîÅÆÖ±½ÓÐû¸æ¸ø¹¥»÷Õß £¬´Ó¶øÓÐÐ§ÈÆ¹ý¶à³ÁÉí·ÝÑéÖ¤£¨MFA£©±£»¤¡£


https://www.bleepingcomputer.com/news/security/artoken-phaas-exposes-eviltokens-microsoft-365-phishing-toolkit/