GE ³¬ÉùÉ豸·ì϶°Ù³öÒ×Ôâ·êÀÕË÷Èí¼þºÍÊý¾Ý͵ÇÔ

°ä²¼¹¦·ò 2024-05-20
1. GE ³¬ÉùÉ豸·ì϶°Ù³öÒ×Ôâ·êÀÕË÷Èí¼þºÍÊý¾Ý͵ÇÔ


5ÔÂ17ÈÕ £¬×êÑÐÈËÔ±ÔÚ GE HealthCare µÄ Vivid Ultrasound ϵÁвúÆ·ÒÔ¼°Á½¸öÓйØÈí¼þ·¨Ê½Öз¢ÏÖÁË 11 ¸ö°²È«·ì϶¡£ÎÊÌâ¶àÖÖ¶àÑù £¬Ô̺¬Ãô¸ÐÊý¾Ý¶Ìȱ¼ÓÃÜ¡¢Ê¹ÓÃÓ²±àÂëÍ´´¦µÈµÈ¡£CVSS 3.1 ÆÀ·ÖϵͳµÄÑϳÁˮƽ´Ó 5.7 µ½ 9.6 ²»µÈ¡£ÕýÈç Nozomi NetworksÔÚÆä»ã±¨ÖÐËùÚ¹Ê͵ÄÄÇÑù £¬ÕâЩÃýÎó¿ÉÄܻᵼÖÂÓµÓÐÆëȫȨÏÞµÄÔ¶³Ì´úÂëÖ´ÐÐ (RCE) ÒÔ¼°´ËÀàȨÏÞ¿ÉÄÜ´øÀ´µÄÈκÎÊýÁ¿µÄ¹¥»÷³¡¾°¡£È»¶ø £¬×îÑϳÁµÄÇé¿ö»¹±ØÒªÎïÀí½Ó¼ûÓйØÉ豸 £¬´Ó¶ø´ó´ó½µµÍÒ½ÁÆ»ú¹¹µÄDZÔÚ·çÏÕ¡£ÊÂʵÉÏ £¬³¬Éù²¨»úÓÃÓÚ±í²¿ÈËԱʱʱ½Ó¼ûµÄÒ½ÔººÍÕïËù £¬¶ø28Ȧ×êÑÐÅú×¢ £¬Ö»ÐèÒ»·ÖÖÓµÄÎïÀí½Ó¼û¾Í×ãÒÔÖ´Ðй¥»÷¡£Òò¶ø £¬ÎÒÃÇÒÔΪ²»½öÊǶñÒâµÄÄÚ²¿ÈËÔ± £¬µ«±íÈËÒ²¿ÉÄÜÓлúÓöʵÏÖ¹¥»÷¡£


https://www.darkreading.com/vulnerabilities-threats/ge-ultrasound-gear-riddled-with-bugs-open-to-ransomware-data-theft


2. µç×Ó´¦·½ÌṩÉÌ MEDISECURE Êܵ½ÀÕË÷Èí¼þ¹¥»÷µÄÓ°Ïì


5ÔÂ16ÈÕ £¬°Ä´óÀûÑǵĵç×Ó´¦·½ÌṩÉÌ MediSecure Ôâ·êÁË¿ÉÄÜÀ´×ÔµÚÈý·½¹©¸øÉ̵ÄÀÕË÷Èí¼þ¹¥»÷¡£MediSecure ÊÇÒ»¼ÒÌṩÊý×Ö½¡È«½â¾ö¹æ»®µÄ¹«Ë¾ £¬³ö¸ñרһÓÚ°Ä´óÀûÑǵݲȫµç×Ó´¦·½½»¸¶·þÎñ¡£¸Ã¹«Ë¾ÔÚÔâ·êÍøÂç¹¥»÷ºó±»ÆÈ¹Ø¹ØÆäÍøÕ¾ºÍµç»°Ïß· £¬µ«Ã»ÓÐÌá¼°ÀÕË÷Èí¼þ¹¥»÷¡£ÍþвÐÐΪÕß»ñµÃÁËÊýÁ¿²»ÏêµÄÓ×ÎÒµÄÓ×ÎҺͽ¡È«ÐÅÏ¢¡£¸Ã¹«Ë¾ÈÔÔÚ¹ú¶ÈÍøÂ簲ȫЭµ÷Ô±µÄÔ®ÊÖϵ÷²éÕâÒ»°²È«·ì϶ £¬µ«¸Ã¹«Ë¾Ð¹Â© £¬ÔçÆÚ¼£ÏóÅú×¢¸ÃÊÂÎñÔ´×ÔÆäµÚÈý·½¹©¸øÉÌÖ®Ò»¡£


https://securityaffairs.com/163257/cyber-crime/medisecure-impacted-by-ransomware-attack.html


3. ºÚ¿ÍʹÓÃÐéα DocuSign Ä£°åÀ´Ú¿Æ­×éÖ¯


5ÔÂ17ÈÕ £¬Ê¹Óÿ´ËÆÀ´×Ô DocuSign µÄµç×ÓÓʼþµÄÍøÂç´¹µö¹¥»÷¼¤Ôö £¬ÊÇÓɶíÂÞ˹°µÍøÊг¡Íƶ¯µÄ £¬¸ÃÊг¡Õ¼Óи÷ÀàÄ£°åºÍµÇ¼ʹ´¦¡£ÕâЩڲƭÐÔµç×ÓÓʼþ¾­¹ý¾«ÐÄÉè¼Æ £¬Ö¼ÔÚ·ÂÕպϷ¨µÄÎĵµÊðÃûÒªÇó £¬ÒýÓÕºÁÎÞ½äÐĵÄÊÕ¼þÈ˵ã»÷¶ñÒâÁ´½Ó»òй¼ûô¸ÐÐÅÏ¢¡£×î½üÕâЩ¹¥»÷µÄÔö³¤¿É¹éÒòÓÚ¼¸¸ö³É·Ö £¬Ô̺¬¸Ãƽ̨ÔÚ¸÷¸öÐÐÒµµÄ¿í·ºÑ¡È¡¡¢ÆäÖµµÃÐÅÈεÄÃûÓþ £¬ÒÔ¼°×î³ÁÒªµÄÊÇÍøÂç·¸×ïÕ½ÊõµÄÈÕÒæ¸´ÔÓ¡£ÔÚÕâÖÖÇé¿öÏ £¬Òì³£×êÑÐÈËÔ±´Ó¶Ô¿Í»§µÄÒ»´Î¹¥»÷ÖлñÈ¡ÁËÐÅÏ¢ £¬²¢ÔÚµØÏÂÂÛ̳ºÍÍøÂçÉϽøÐÐÁËËÑË÷¡£×îÖÕ £¬ËÑË÷½«ËûÃÇ´øµ½Á˶íÂÞ˹Êг¡ £¬ÔÚÄÇÀïËûÃÇÕÒµ½ÁËÒ»ÑùµÄ DocuSign Ä£°å¡£²»Á¼ÐÐΪÕßÔËÐÐÍøÂç´¹µö»î¶¯Ê± £¬»áÊÔͼͨ¹ýÈõç×ÓÓʼþ¿´ÆðÀ´À´×ԺϷ¨ÆðÔ´£¨ÀýÈçÆóÒµ»òÓ×ÎÒ£©À´ÓªÔìÕæÊµµÄ·ÕΧ £¬ÕâÖÖÇé¿ö²¢²»º±¼û¡£½ü¼¸¸öÔÂÀ´ £¬Óб¨Â·³Æ £¬ÓÐÈËÔÚÊÕµ½¿´ËÆÀ´×ÔÃÀ¹úÓÊÕþ·þÎñµÄ¶ÌÐźóÏÝÈëÚ¿Æ­¡£


https://securityboulevard.com/2024/05/hackers-use-fake-docusign-templates-to-scam-organizations/


4. ɣ̹µÂÒøÐвúÉúÊý¾ÝÐ¹Â¶Éæ¼°µÚÈý·½¹©¸øÉÌ


5ÔÂ18ÈÕ £¬Î÷°àÑÀÒøÐлú¹¹É£Ì¹µÂÒøÐÐ (Santander) °ä·¢ £¬¸Ã»ú¹¹×î½üÔâ·êÁËÒ»´ÎÊý¾Ýй¶ £¬Êܺ¦Õß»ñµÃÁ˶ԵÚÈý·½ÌṩÉÌÍйܵÄÊý¾Ý¿âµÄ½Ó¼ûȨÏÞ¡£Î¥¹æÊÂÎñ²úÉúºó £¬É£Ì¹µÂÒøÐе±¼´²ÉÈ¡Ðж¯ £¬Í¨¹ý×èÖ¹¶ÔÊÜËðÊý¾Ý¿âµÄ½Ó¼ûÀ´ÏÞ¶ÈÈëÇÖÁìÓò¡£¸Ã¹«Ë¾ÔÚÒ»·ÝÐÂΟåÖаµÊ¾ £¬»¹³ÉÁ¢ÁËڲƭԤ·À½ÚÔì´ëÊ© £¬ÒÔ±£»¤ÊÜÎ¥¹æÓ°ÏìµÄ¿Í»§ £¬µ«Î´Ìá¼°ÌṩÉ̵ÄÃû³Æ¡£É£Ì¹µÂÒøÐеÄÒ»·ÝÉêÃ÷³Æ£º¡°Êý¾Ý¿âÖв»Ô̺¬ÂòÂôÊý¾Ý £¬Ò²²»Ô̺¬ÈκÎÔÊÐíÔÚÕË»§ÉϽøÐÐÂòÂôµÄƾ֤ £¬Ô̺¬ÍøÉÏÒøÐоßÌåÐÅÏ¢ºÍÃÜÂë¡£¡±Ëü»¹Ö¸³ö £¬ÒøÐеÄÔËÓªºÍϵͳûÓÐÊܵ½Ó°Ïì £¬ÕâÒâζ×ſͻ§ÒÀÈ»Äܹ»Ñ¡Ôñ½øÐÐÂòÂô¡£ÔÚ¶ÔÍøÂçÊÂÎñµÄµ÷²éÖÐ £¬¸Ã¹«Ë¾·¢ÏÖÓëÖÇÀû¡¢Î÷°àÑÀºÍÎÚÀ­¹ç¿Í»§ÓйصÄÐÅÏ¢ÒÔ¼°²¿ÃÅǰɣ̹µÂÒøÐÐÔ±¹¤µÄÐÅÏ¢±»½Ó¼û¡£


https://www.darkreading.com/cyberattacks-data-breaches/santander-falls-victim-to-data-breach-involving-third-party-provider


5. Kimsuky ºÚ¿ÍÔÚ¶Ôº«¹úµÄ¹¥»÷Öв¿ÊðÐ嵀 Linux ºóÃÅ


5ÔÂ18ÈÕ £¬³¯ÏʺڿÍ×éÖ¯ Kimsuki Ò»ÏòÔÚʹÓÃÒ»ÖÖÃûΪ Gomir µÄРLinux ¶ñÒâÈí¼þ £¬ËüÊÇͨ¹ýľÂíÈí¼þ×°Ö÷¨Ê½´«²¼µÄ GoBear ºóÃŵÄÒ»¸ö°æ±¾¡£Kimsuky ÊÇÒ»¸öÊܹú¶ÈÖ§³ÖµÄÍþвÐÐΪÕß £¬Ó볯Ïʾüʵý±¨»ú¹¹¿úËÅ×Ü¾Ö (RGB) ÓÐÁªÏµ¡£2024 Äê 2 ÔÂÉÏÑ® £¬SW2 Íþвµý±¨¹«Ë¾µÄ×êÑÐÈËÔ±»ã±¨ÁËÒ»Ïî»î¶¯ £¬ÆäÖÐ Kimsuky ʹÓø÷ÀàÈí¼þ½â¾ö¹æ»®µÄľÂí°æ±¾£¨ÀýÈç SGA Solutions¡¢Wizvera VeraPort µÄ TrustPKI ºÍ NX_PRNMAN£© £¬ÀûÓà Troll Stealer ºÍ»ùÓÚ Go µÄ¶ñÒâÈí¼þϰȾº«¹úÖ¸±ê¡£Windows ¶ñÒâÈí¼þ GoBear¡£Broadcom ¹«Ë¾ÈüÃÅÌú¿ËµÄ·ÖÎöʦÔÚµ÷²éÕë¶Ôº«¹úµ±¾Ö×éÖ¯µÄͳһ»î¶¯Ê±·¢ÏÖÁËÒ»ÖÖеĶñÒ⹤¾ß £¬¸Ã¹¤¾ßËÆºõÊÇ GoBear ºóÃÅµÄ Linux ±äÌå¡£


https://www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/


6. Singing RiverµÄÒ½ÁÆÏµÍ³²úÉú´ó¹æÄ£Êý¾Ýй¶


5ÔÂ17ÈÕ £¬ÃÜÎ÷Î÷±ÈÖÝ Singing River µÄÒ»¼ÒÖØÒªÒ½ÁƱ£½¡ÌṩÉÌ×î½üÅû¶ £¬2023 Äê 8 ÔµÄÒ»´ÎÍøÂç¹¥»÷Ó°ÏìÁË 895,204 È˵ÄÊý¾Ý¡£¸ÃÒ½ÁÆÍøÂçÔ̺¬ÅÁ˹¿¨¹ÅÀ­¡¢º£ÈªÊк͸ñ¶û·ò²¨ÌصÄÒ½ÔºÒÔ¼°¸ÃµØÓòµÄÆäËûÒ½ÁÆ»ú¹¹¡£2023 Äê 8 Ô 19 ÈÕ £¬¸Ã¹«Ë¾°ä·¢³ÉΪ¸´ÔÓÀÕË÷Èí¼þ¹¥»÷µÄÊܺ¦Õß £¬µ¼ÖÂÒ½ÔºÖжϺÍDZÔÚµÄÊý¾Ý͵ÇÔ¡£½ØÖÁ 8 ÔÂµ× £¬¸Ã×éÖ¯Òѱ»ÁÐÈëÃÀ¹úÎÀÉúÓ빫¼Ò·þÎñ²¿ÃñȨ°ì¹«ÊÒµÄÎ¥¹æÃÅ»§ÍøÕ¾ £¬ÊÜÓ°ÏìÈËÊýÔݶ¨Îª 501 ÈË¡£2023 Äê 9 Ô 13 ÈÕ £¬È·ÈÏÊý¾Ý±»µÁ £¬½ØÖÁͬÄê 12 Ô 18 ÈÕ £¬¾Ý±¨Â·¸Ã·ì϶ÒÑÓ°Ïì 252,890 ÈË¡£¼¸ÌìǰÏòÃåÒòÖݵ±¾ÖÌṩµÄ×îиüÐÂÏÔʾ £¬ÊÜÓ°ÏìÈËÊýÔö³¤ÖÁ 895,204 ÈË¡£


https://meterpreter.org/massive-data-breach-at-singing-river-health-system-nearly-900000-affected/