CactusPete APT uses Bisonal to attack European financial and military organizations; Canada Revenue Agency hit by two successive attacks, thousands of accounts affected

Published: 2020-08-17

1. CactusPete APT uses Bisonal to attack European financial and military organizations


8827 Sun Group (Macau) Co., Ltd. - Official website


Kaspersky has found that the CactusPete APT is running a campaign against military and financial organizations across Eastern Europe, using a new variant of the Bisonal backdoor. The group was first discovered in 2013, has been linked to cybercrime activity in Europe, Russia, Japan, and South Korea, and specializes in intelligence and espionage activity. Bisonal, as used by CactusPete, is a cyber-espionage tool that can maintain persistence on infected machines, scan drives, list and exfiltrate sensitive files, delete content, kill system processes, and execute code.


Original link:

https://www.zdnet.com/article/cactuspete-threat-group-goes-on-the-rampage-with-a-new-bisonal-backdoor/


2. Canada Revenue Agency hit by two successive attacks, thousands of accounts affected




The Canada Revenue Agency (CRA) confirmed that it was recently hit by two cyberattacks that affected thousands of accounts tied to its services and forced it to temporarily shut down its online services. Earlier this month, Canadian citizens found that the email addresses associated with their CRA accounts had been tampered with, their direct deposit information had been changed, and CERB payments had been requested even though they had not applied for COVID-19 benefits. As of August 14, about 5,500 accounts had been affected by a single attack. The finance ministry said both incidents were caused by credential stuffing attacks.

Original link:

https://www.cbc.ca/news/politics/canada-revenue-agency-cra-cyberattack-1.5688163


3. New COVID-19 spam campaign uses Emotet to target US companies




Researchers have found a new spam campaign that uses Emotet to target US companies. The campaign poses as California Fire Mechanical, is themed as a May COVID-19 update, and carries a malicious attachment named EG-8777 Medical report COVID-19.doc. The attachment pretends to be a file created on an iOS device and asks the user to click Enable Content to view it. Once the user clicks, a PowerShell command runs, downloads the Emotet malware executable, and saves it to the %UserProfile% folder. Finally, Emotet downloads and installs other malware, such as Qbot or TrickBot, which is used to steal data and passwords or to install ransomware.


Original link:

https://www.bleepingcomputer.com/news/security/emotet-malware-strikes-us-businesses-with-covid-19-spam/


4. NCSU honeypot detects 1.5 million robocall attacks in 11 months




Research from North Carolina State University (NCSU) found that its telephony honeypot detected 1.5 million robocall attacks in 11 months. Between March 2019 and January 2020 the researchers deployed 66,606 telephone lines and received a total of 1,481,201 unsolicited calls, an average of one every 8.42 days. In addition, the researchers recorded 10% of the call samples (about 150,000) and analyzed them with audio processing tools, identifying 2,687 unique robocall campaigns. The largest of these were student loan, health insurance, Google search promotion service, and Social Security scams.


Original link:

https://www.zdnet.com/article/a-simple-telephony-honeypot-received-1-5-million-robocalls-across-11-months/


5. Sodinokibi claims to have attacked Brown-Forman and stolen 1TB of data




Sodinokibi claims to have attacked Brown-Forman, the largest spirits and wine company in the United States, and to have successfully stolen 1TB of data. Sodinokibi said that it broke into Brown-Forman's network and spent more than a month examining user services, cloud data storage, and the overall structure. It said it stole 1TB of data, including confidential information about employees, company agreements, contracts, financial statements, and internal communications. Brown-Forman said that it acted quickly after discovering the attack, so its systems were not encrypted.


Original link:

https://www.bleepingcomputer.com/news/security/us-spirits-and-wine-giant-hit-by-cyberattack-1tb-of-data-stolen/


6. Chicago-based R1 RCM infected with Defray, forcing a temporary system shutdown




Chicago-based R1 RCM suffered a ransomware attack that forced it to temporarily shut down its systems. The company declined to disclose details of the incident, but people familiar with the matter said the malware used was Defray. Defray was first discovered in 2017; it specifically targets companies in the healthcare sector and usually spreads through Microsoft Office documents sent by email. Trend Micro therefore believes that the phishing emails used by the attackers were probably carefully crafted, for example posing as a message from a hospital's IT manager, with the malicious file disguised as a patient report.


Original link:

https://krebsonsecurity.com/2020/08/medical-debt-collection-firm-r1-rcm-hit-in-ransomware-attack/