Kaspersky finds Iranian APT group Oilrig using DoH to steal data from networks; new EtherOops attack uses Ethernet cables to target devices on enterprise intranets
Published: 2020-08-06
1. Kaspersky finds Iranian APT group Oilrig using DoH to steal data from networks
Kaspersky has found that the Iranian APT group Oilrig (APT34) is using the DNS-over-HTTPS (DoH) protocol to steal data from compromised networks. Kaspersky malware analyst Vincente Diaz said that Oilrig has started using DNSExfiltrator in its attacks. The tool can transfer data over the network and hide it inside non-standard protocols, creating a covert communication channel, and Oilrig has been using DNSExfiltrator to move laterally within internal networks and steal data. Oilrig is the first APT group to make use of DoH; the group had previously also worked with DNS-based infiltration techniques.
Original link:
https://www.zdnet.com/article/iranian-hacker-group-becomes-first-known-apt-to-weaponize-dns-over-https-doh/#ftag=RSSbaffb68
2. WastedLocker abuses a Windows memory management feature to evade antivirus detection
The WastedLocker ransomware abuses a Windows memory management feature to evade detection by antivirus software. To get around detection by anti-ransomware solutions, WastedLocker uses a process to open a file, reads it into the Windows Cache Manager, and then closes the original file. Because the data is now held in the Windows Cache Manager, WastedLocker encrypts the file contents in the cache. Because the Windows Cache Manager runs as a system process, security software will conclude that a legitimate Windows process is encrypting the data. This step effectively bypasses ransomware protection modules and allows WastedLocker to encrypt all files.
Original link:
https://www.bleepingcomputer.com/news/security/wastedlocker-ransomware-abuses-windows-feature-to-evade-detection/
3. New EtherOops attack uses Ethernet cables to target devices on enterprise intranets
Researchers at the IoT research firm Armis have discovered a new attack method, EtherOops. The technique exploits faulty Ethernet cables and can be used to attack devices on enterprise internal networks. EtherOops is essentially a packet-in-packet attack: a faulty cable (either because the cable is imperfect or because of a malicious interference attack) is subject to electrical interference that flips bits in the actual packet, gradually destroying the outer shell and leaving the inner payload active. After a successful EtherOops attack, an attacker can penetrate the network directly from the Internet, penetrate the internal network from a DMZ segment, and move laterally between the various parts of the internal network.
Original link:
https://www.zdnet.com/article/new-etheroops-attack-takes-advantage-of-faulty-ethernet-cables/
4. Interpol publishes report on the impact of COVID-19 on global cybercrime
Interpol has published a report on the impact of COVID-19 on global cybercrime. The report states that the LockBit ransomware currently treats medium-sized US businesses as its main targets. In addition, according to their analysis, CERBER, NetWalker and Ryuk are the top ransomware families observed recently, and they keep evolving to maximize the risk and the profit of each individual attack. Interpol recommends that companies and organizations keep their software and hardware up to date and back up their data to offline storage devices, to prevent ransomware from accessing and encrypting the data.
Original link:
https://www.bleepingcomputer.com/news/security/interpol-lockbit-ransomware-attacks-affecting-american-smbs/
5. Check Point report: Google and Amazon are the main brands impersonated in phishing attacks
Check Point has published its brand phishing report, which found that Google and Amazon are the main brands impersonated in brand phishing attacks. In a brand phishing attack, the attacker imitates the official website of a well-known brand by using a similar domain and URL, and usually also a web page that resembles the original site. The researchers found that Google (13%) and Amazon (13%) together made up a quarter of these attacks. They are followed by WhatsApp (9%) and Facebook (9%), and then by Microsoft (7%), Outlook (3%), Netflix (2%), Apple (2%), Huawei (2%) and PayPal (2%).
Original link:
https://www.darkreading.com/vulnerabilities---threats/google-and-amazon-replace-apple-as-phishers-favorite-brands/d/d-id/1338572?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
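6. NSA publishes guide on reducing location tracking risks when using IoT devices and mobile apps
The US National Security Agency (NSA) has published a guide advising people on how to expose as little location information as possible when using mobile and IoT devices, social media and mobile applications. The guide is aimed mainly at users of NSS and DoD systems. Devices such as smartphones and tablets use GPS and wireless signals to determine the user's location, and disabling these services greatly reduces the chance of location data being exposed. In addition, users can disable the location services settings on the device; use airplane mode when the device is not in use, which ensures that BT and Wi-Fi are disabled; grant apps as few permissions as possible; disable advertising permissions to the greatest extent possible; disable settings that allow a lost, stolen or misplaced device to be tracked; use an anonymizing virtual private network (VPN) to help hide location; and minimize the amount of location information stored in the cloud.
Original link: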
https://www.bleepingcomputer.com/news/security/nsa-offers-advice-on-how-to-reduce-location-tracking-risks/

