±ÈÀûʱBelnetÔâµ½DDoS¹¥»÷ £¬¶à¸ö¹Ù·½ÍøÕ¾ÎÞ·¨½Ó¼û£»Dell°ä²¼°²È«¸üР£¬½¨¸´¶à¸öÒѾ­´æÔÚ12ÄêµÄ·ì϶

°ä²¼¹¦·ò 2021-05-06

1.±ÈÀûʱBelnetÔâµ½DDoS¹¥»÷ £¬¶à¸ö¹Ù·½ÍøÕ¾ÎÞ·¨½Ó¼û


1.jpg


±ÈÀûʱBelnetÓÚÖܶþÔâµ½´ó¹æÄ£DDoS¹¥»÷ £¬¶à¸ö¹Ù·½ÍøÕ¾ÎÞ·¨½Ó¼û¡£Belnet£¨±ÈÀûʱ ¹ú¶È×êÑкͽÌÓýÍøÂ磩ÊÇΪ±ÈÀûʱ½ÌÓý»ú¹¹¡¢×êÑÐÖÐÐÄ¡¢¿ÆÑ§×êÑÐËùºÍµ±¾Ö·þÎñÌṩ·þÎñµÄ»¥ÁªÍøÌṩÉÌ¡£¾Ý¹À¼Æ £¬Õâ´Î¹¥»÷Ó°ÏìÁ˱ÈÀûʱµÄ200¶à¸ö×éÖ¯ £¬Ô̺¬µ±¾Ö¡¢¾¯Ô±¾ÖºÍCOVID-19ÒßÃçÔ¤Ô¼µÈÍøÕ¾¡£Ä¿Ç° £¬±ÈÀûʱµ±¾ÖÔÚµ÷²é´ËÊÂÎñ £¬Éв»Ã÷ÏÔ·¢ÆðÕâ´Î¹¥»÷µÄ¹¥»÷Õß¡£


Ô­ÎÄÁ´½Ó£º

https://news.softpedia.com/news/belgium-was-hit-by-a-massive-cyberattack-532812.shtml


2.Dell°ä²¼°²È«¸üР£¬½¨¸´¶à¸öÒѾ­´æÔÚ12ÄêµÄ·ì϶


2.jpg


Dell°ä²¼°²È«¸üР£¬½¨¸´DBUtil BIOSÇý¶¯·¨Ê½ÖÐÒѾ­´æÔÚ12ÄêµÄ5¸ö·ì϶¡£SentinelLabs°µÊ¾ £¬ÕâЩ·ì϶×Ô2009ÄêÒÔÀ´Ò»Ïò´æÔÚ £¬Ó°ÏìÁËDellËùÓеĄ̈ʽ»ú¡¢±Ê¼Ç±¾µçÄÔºÍÆ½°åµçÄÔ¡£Õâ5¸ö·ì϶±»×·×ÙΪCVE-2021-21551 £¬CVSSÆÀ·ÖΪ8.8 £¬±ðÀëΪ2¸öÄÚ´æ°Ü»µµ¼ÖµÄÌáȨ·ì϶ £¬2¸ö²»×ãÊäÈëÑéÖ¤µ¼ÖµÄÌáȨ·ì϶ºÍ1¸ö´úÂëÂß¼­ÎÊÌâµ¼ÖµĻؾø·þÎñ·ì϶¡£Ä¿Ç° £¬ÕâЩ·ì϶ÉÐδ±»ÔÚÒ°ÀûÓá£


Ô­ÎÄÁ´½Ó£º

https://threatpost.com/dell-kernel-privilege-bugs/165843/


3.Cisco°ä²¼°²È«¸üР£¬½¨¸´¶à¿î²úÆ·ÖÐÑϳÁµÄ·ì϶


3.jpg


Cisco°ä²¼°²È«¸üР£¬½¨¸´Á˶à¿î²úÆ·ÖÐÑϳÁµÄ·ì϶¡£Õâ´Î½¨¸´µÄ½ÏΪÑϳÁµÄ·ì϶ΪSD-WAN vManageÖÐδÊÚȨµÄÐÂÎÅ´¦Ö÷ì϶£¨CVE-2021-1468£©¡¢ÌáȨ·ì϶ÄǸö£¨CVE-2021-1505£©ÒÔ¼°HyperFlex HXÖеĺÅÁî×¢Èë·ì϶£¨CVE-2021-1497£©¡£´Ë±í £¬¸üл¹½¨¸´ÁËÆäËû²úÆ·ÖеĶà¸ö·ì϶ £¬Ô̺¬ËÁÒâ´úÂëÖ´Ðзì϶¡¢ÌáȨ·ì϶ºÍ»Ø¾ø·þÎñ·ì϶µÈ¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/cisco-bugs-allow-creating-admin-accounts-executing-commands-as-root/


4.QualysÅû¶EximÖÐÓ°ÏìÊý°ÙÍǫ̀·þÎñÆ÷µÄ·ì϶21Nails


4.jpg


QualysÅû¶EximÓʼþ´«Êä´úÀí£¨MTA£©Èí¼þÓ°ÏìÊý°ÙÍǫ̀·þÎñÆ÷µÄ21¸ö·ì϶ £¬Í³³ÆÎª21Nails¡£ÕâЩ·ì϶ÓÐ10¸ö¿É±»Ô¶³ÌÀûÓà £¬Áí±í11¸öΪ±¾µØ·ì϶ £¬Î´¾­Éí·ÝÑéÖ¤µÄ¹¥»÷Õß¿É×éºÏʹÓÃÕâЩ·ì϶ £¬À´Ô¶³ÌÖ´ÐдúÂë £¬²¢ÔÚExim ServerÉÏ»ñµÃrootȨÏÞ¡£ÕâЩ·ì϶±ðÀëΪqueue_run£¨£©ÖеĶѻº³åÇøÒç¶Âí½Å£¨CVE-2020-28011£©¡¢tls-openssl.cÖеĿªÊͺóʹÓ÷ì϶£¨CVE-2020-28018£©µÈ¡£×êÑÐÈËÔ±½¨ÒéÓû§µ±¼´Éý¼¶µ½×îеĿÉÓÃExim°æ±¾¡£


Ô­ÎÄÁ´½Ó£º

https://www.bleepingcomputer.com/news/security/critical-21nails-exim-bugs-expose-millions-of-servers-to-attacks/


5.ºÚ¿Íͨ¹ýDiscord·Ö·¢Panda StealerÀ´ÇÔÈ¡¼ÓÃÜÇ®±Ò


5.jpg


Ç÷Ïò¿Æ¼¼×êÑÐÈËÔ±·¢ÏÖ £¬ºÚ¿Íͨ¹ýDiscord·Ö·¢Panda StealerÀ´ÇÔÈ¡¼ÓÃÜÇ®±Ò £¬ÖØÒªÕë¶ÔÃÀ¹ú¡¢°Ä´óÀûÑÇ¡¢ÈÕ±¾ºÍµÂ¹úµÈ¹ú¶ÈºÍµØÓò¡£Õâ´Î¹¥»÷»î¶¯µÄÀûÓÃÁ˼Ù×°³ÉÆóÒµ±¨¼ÛÒªÇóµÄ´¹µöÓʼþ £¬Í¨¹ýÆôÓöñÒâºêµÄ.XLSMÎĵµºÍÔ̺¬¶ñÒâExcel¹«Ê½µÄ.XLSMÁ½ÖÖ·½Ê½ £¬À´·Ö·¢Panda Stealer¡£¸Ã¶ñÒâÈí¼þÊÇCollector StealerµÄ±äÖÖ £¬´ÓÇ°ÔøÔÚ°µÍøºÍTelegramÉÏÏúÊÛ £¬¿ÉÇÔÈ¡ETH¡¢LTC¡¢BCN¡¢DASHµÈ¼ÓÃÜÇ®±Ò £¬ä¯ÀÀÆ÷CookieÒÔ¼°NordVPN¡¢Telegram¡¢DiscordºÍSteamµÈÕÊ»§Í´´¦¡£


Ô­ÎÄÁ´½Ó£º

https://www.zdnet.com/article/panda-stealer-dropped-in-discord-to-steal-user-cryptocurrency/


6.FireEye°ä²¼ÓйØUNC2529´¹µö»î¶¯µÄ·ÖÎö»ã±¨


6.jpg


FireEye°ä²¼ÁËÓйØUNC2529´¹µö»î¶¯µÄ·ÖÎö»ã±¨¡£FireEyeµÄMandiantÍŶӷ¢ÏÖ2020Äê12ÔÂ2ÈÕ £¬ºÍ2020Äê12ÔÂ11ÈÕÖÁ12ÔÂ18ÈÕÖ®¼ä²úÉúµÄÁ½ÂÖ´¹µö»î¶¯ £¬ÖØÒªÒÔÃÀ¹ú¡¢Å·ÖÞ¡¢Öж«¡¢·ÇÖÞ¡¢ÑÇÖ޺ͰĴóÀûÑǵĹ«Ë¾ÎªÖ¸±ê¡£¹¥»÷Õß×ܹ²Ê¹ÓÃÁ˳¬¹ý50¸öÓò £¬ÀûÓö¨ÔìµÄ´¹µöÓʼþ £¬Õë¶ÔÔ̺¬¹ú·À¡¢Ò½Ò©¡¢ÔËÊä¡¢¾üʺ͵ç×ÓµÈ·ÖÆçµÄÐÐÒµ¡£ÔÚÒ»´Î¹¥»÷»î¶¯ÖÐ £¬UNC2529³É¹¦ÈëÇÖÁËÃÀ¹úÒ»¼Ò¹©ÎÂůÔìÀä·þÎñ¹«Ë¾µÄÓò²¢´Û¸ÄÁËÆäDNS¼Í¼¡£ 


Ô­ÎÄÁ´½Ó£º

https://www.fireeye.com/blog/threat-research/2021/05/unc2529-triple-double-trifecta-phishing-campaign.html