Guardian Healthcare³Á×éÆÚ¼äÔâStormousÀÕË÷Èí¼þ¹¥»÷

°ä²¼¹¦·ò 2024-11-12

1. Guardian Healthcare³Á×éÆÚ¼äÔâStormousÀÕË÷Èí¼þ¹¥»÷


11ÔÂ8ÈÕ £¬±öϦ·¨ÄáÑÇÖݵÄGuardian HealthcareÔÚ³Á×éÆÚ¼äÔâ·êÁËStormousÀÕË÷Èí¼þ¹¥»÷ £¬µ¼ÖÂ3GBÔ̺¬Êܱ £»¤µÄ»¼Õß½¡È«ÐÅÏ¢µÄÎļþ±»Ð¹Â¶ £¬Ö»¹ÜÎ´Éæ¼°EMRϵͳ»òÕû¸öÊý¾Ý¿â ¡£DataBreachesÊÔͼÁªÏµGuardian HealthcareÏàʶӦ¶Ô´ëÊ© £¬µ«Î´»ñ»ØÓ¦ ¡£¾ÝStormous½²»°ÈËй© £¬¹¥»÷Õßͨ¹ýOffice»ñÈ¡Á˶à¸öÕË»§½Ó¼ûȨÏÞ £¬¼ÙÒâÕË»§Õë¶ÔGuardianµÄÒ»×鹨¼üÔ±¹¤»òȺ×éÌáÒé¹¥»÷ £¬7GBÊý¾Ý±»ÌáÈ¡ £¬ÆäÖÐ3GB±»Ð¹Â¶ ¡£Ö»¹ÜGuardianÒÑͨ´ïÈëÇÖÊÂÎñ²¢ÓëStormousÓйý½Ó´¥ £¬µ«Î´²ÉÈ¡³Á´ó·´Ó³ £¬µ¼ÖÂÊý¾Ý×îÖÕ±»Ð¹Â¶ ¡£Stormous»¹Ö¤Êµ £¬GuardianµÄÎļþÔÚ¹¥»÷ÆÚ¼ä±»¼ÓÃÜ ¡£È»¶ø £¬Ä¿Ç°Éв»Ã÷ÏÔGuardianÊÇ·ñÓпÉÓñ¸·Ý»ò»¼ÕßÊý¾ÝÊÇ·ñÒò¹¥»÷¶øÊÜËð»òÃÔʧ £¬ÊÜÓ°Ï컼Õß¿ÉÄÜÒ²²»ÖªÇé ¡£


https://databreaches.net/2024/11/08/in-the-midst-of-restructuring-guardian-healthcare-hit-by-ransomware-attack/


2. AT&TÔâ·ê´ó¹æÄ£Êý¾Ýй¶ £¬Êý°ÙÍò¿Í»§ÐÅÏ¢Ãæ¶Ô·çÏÕ


11ÔÂ8ÈÕ £¬AT&T½üÆÚÔâ·êÁË´ó¹æÄ£Êý¾Ýй¶ÊÂÎñ £¬Êý°ÙÍò¿Í»§µÄÓ×ÎÒÐÅÏ¢ÔÚ2022Äê5ÔÂÖÁ10Ô¼°2023Äê1ÔÂÆÚ¼ä±»µÁ £¬²¢ÓÚ2024Äê4Ô±»·¢ÏÖ ¡£Ð¹Â¶µÄÊý¾ÝÔ̺¬¿Í»§ÐÕÃû¡¢µØÖ·¡¢µç»°ºÅÂëºÍÕË»§¾ßÌåÐÅÏ¢ £¬µ«²»º¬Í¨»°ÄÚÈÝ¡¢¶ÌÐÅ»òÉç»á°²È«ºÅÂë ¡£Õâ´ÎÊÂÎñÓ°ÏìÉîÔ¶ £¬Ê¹¿Í»§Ãæ¶ÔÉí·Ý͵ÇÔºÍڲƭµÄ·çÏÕ £¬Í¬Ê±ÇÖº¦ÁËAT&TµÄÃûÓþ ¡£¾ÝÐÅ £¬Ð¹Â¶ÊÂÎñÓëδ¾­ÊÚȨµÄÓ×ÎÒ½Ó¼ûAT&TϵͳÓйØ £¬¶ø¾ßÌåµÄÈëÇÖϸ½ÚÉв»Ã÷ÏÔ ¡£Õâ´ÎйÃÜÊÂÎñ»¹Òý·¢ÁËÈËÃǶÔAT&TÊÇ·ñ×ñÊØÐÐÒµ³ß¶ÈºÍÂÉÀýµÄÖÊÒÉ ¡£ÎªÓ¦¶ÔÕâ´ÎÊÂÎñ £¬AT&TÏòÊÜÓ°ÏìµÄ¿Í»§ÌṩÃâ·ÑÐÅÓþ¼à¿Ø·þÎñ £¬²¢Ö´ÐÐÁ˶î±íµÄ°²È«´ëÊ© ¡£Í¬Ê± £¬¸ÃÊÂÎñÒ²ÌáÐÑÎÒÃÇÍøÂ簲ȫ´ëÊ©µÄ³ÁÒªÐÔ £¬×éÖ¯±ØÐë²ÉÈ¡×Ô¶¯´ëÊ©± £»¤¿Í»§ÐÅÏ¢ £¬²¢´Óһ·ͷ¾ÍÔ¤·ÀйÃÜÊÂÎñ²úÉú ¡£×÷Ϊ¿Í»§ £¬ÎÒÃÇҲӦά³Ö¾¯Ìè £¬Ç×êÇ¼à¿ØÕË»§»î¶¯ £¬¸ü¸ÄÃÜÂë²¢ÆôÓÃË«³É·ÖÉí·ÝÑéÖ¤ £¬Ë¼¿¼¶³½áÐÅÓþ»ã±¨ £¬ÒÔ¼°ÊµÊ±ÏàÊ¶ÍøÂ簲ȫÐÂÎźÍ×î¼Ñʵ¼Ê £¬ÒÔ½µµÍ³ÉÎªÍøÂç·¸×ïÊܺ¦ÕߵķçÏÕ ¡£


https://www.cyberdefensemagazine.com/the-att-phone-records-stolen/


3. ÑÇÂíÑ·¼°¶à¼Ò³ÛÃûÆóÒµÔâMOVEitÊý¾Ý͵ÇÔ¹¥»÷ £¬Ô±¹¤ÐÅϢй¶


11ÔÂ11ÈÕ £¬ÑÇÂíѷ֤ʵ £¬ÔÚ2023Äê5Ô²úÉúÁËһ·Êý¾Ýй¶ÊÂÎñ £¬Éæ¼°280¶àÍòÐÐÔ±¹¤ÐÅÏ¢ £¬Ô̺¬ÐÕÃû¡¢ÁªÏµÐÅÏ¢¡¢¹¹ÖþµØÎ»ºÍµç×ÓÓʼþµØÖ·µÈ £¬ÕâЩÊý¾ÝÊÇ´ÓÒ»¼ÒµÚÈý·½·þÎñÌṩÉ̵ÄϵͳÖб»µÁµÄ £¬²¢ÔÚºÚ¿ÍÂÛ̳Éϱ»Ð¹Â¶ ¡£¾Ý³Æ £¬Õâ´Îй¶ÊÇÓÉÍþвÐÐΪÕßNam3L3ssËùΪ £¬Ëû»¹Ð¹Â¶ÁËÆäËû25¼Ò¹«Ë¾µÄÊý¾Ý ¡£ÕâЩÊý¾Ý͵ÇÔ¹¥»÷ÀûÓÃÁËMOVEit Transfer°²È«Îļþ´«ÊäÆ½Ì¨ÖеÄÁãÈÕ°²È«·ì϶ £¬Ó°ÏìÁËÈ«ÇòÊý°Ù¼Ò×éÖ¯ £¬Ô̺¬åÚÏë¡¢»ÝÆÕ¡¢TIAA¡¢Ê©Íß²¼¡¢»ã·áÒøÐÓ×¢´ïÃÀº½¿Õ¡¢Âóµ±Àͺʹó³ÇÊÐÈËÊٵȳÛÃû¹«Ë¾ ¡£¾Ý³Æ £¬ÕâЩÊý¾ÝÊÇ´ÓÒ»¼Ò¹©¸øÉÌÄÇÀï±»µÁµÄ £¬´Ë¿ÌÒÑ×÷ΪÊÜÓ°Ïì¿Í»§µÄµ¥¶ÀÊý¾Ý¼¯°ä²¼ ¡£ÍøÂç·¸×ïÍÅ»ïËæºóÆðÍ·ÀÕË÷Êܺ¦Õß £¬²¢ÔÚ°µÍøÐ¹Â©ÍøÕ¾É϶³öÁËËûÃǵÄÃû×Ö ¡£ÕâЩ¹¥»÷µÄºó¹ûÑϳÁ £¬µ¼ÖÂÊýǧÍòÈ˵ÄÊý¾Ý±»µÁ £¬±»ÓÃÓÚÀÕË÷´òËã»òй¶µ½ÍøÉÏ ¡£ÑÇÂíÑ·°µÊ¾ £¬±»ÈëÇֵĹ©¸øÉÌÖ»ÄܽӼûÔ±¹¤ÁªÏµÐÅÏ¢ £¬Ã»ÓÐÃô¸ÐµÄÔ±¹¤ÐÅÏ¢±»½Ó¼û»òÇÔÈ¡ £¬¸Ã¹©¸øÉÌÒѾ­½¨²¹Á˰²È«·ì϶ ¡£


https://www.bleepingcomputer.com/news/security/amazon-confirms-employee-data-breach-after-vendor-hack/


4. ÐÂÀÕË÷Èí¼þ¼Ò×å¡°Ymir¡¹Ø¸Â¶Í·½Ç £¬ÓëRustyStealer¶ñÒâÈí¼þÓйØÁª


11ÔÂ11ÈÕ £¬½üÆÚÒ»ÖÖÃûΪ¡°Ymir¡±µÄÐÂÐÍÀÕË÷Èí¼þ¼Ò×åÔÚÒ°±í±»·¢ÏÖ £¬ËüÓëÒÑÖªµÄRustyStealer¶ñÒâÈí¼þ¼Ò×åÓйØÁª ¡£YmirÀÕË÷Èí¼þÒÔÆäÄÚ´æÖ´ÐÓעʹÓ÷ÇÖÞÁÖ¼ÓÀ­Óï×¢½â¡¢PDFÀÕË÷±Ê¼Ç¼°À©´óÅäÖÃÑ¡ÏîµÈÌØµãÖø³Æ ¡£¾Ý¿¨°Í˹»ù³¢ÊÔÊÒ×êÑÐÈËÔ±·ÖÎö £¬Ymirͨ³£ÔÚRustyStealerÆ¾Ö¤ÍøÂ繤¾ßÉøÈëÖ¸±êϵͳºó²¿Ê𠣬ÀûÓøßȨÏÞÕÊ»§½øÐÐδÊÚȨ½Ó¼ûºÍºáÏòÒÆ¶¯ ¡£¹¥»÷ÕßʹÓÃWinRM¡¢PowerShellµÈ¹¤¾ß £¬²¢×°ÖÃProcess Hacker¡¢Advanced IP ScannerµÈ £¬Ö´ÐÐÓëSystemBC¶ñÒâÈí¼þÓйصľ籾 £¬³ÉÁ¢°ÂÃØÍ¨Â· ¡£ÔÚ¼áÈͰ²Éíµã²¢¿ÉÄÜÇÔÈ¡Êý¾Ýºó £¬Ymir×÷Ϊ×îÖÕÓÐÐ§ÔØºÉ±»²¿Êð ¡£YmirÆëÈ«´ÓÄÚ´æÖÐÔËÐÐ £¬ÀûÓÃÌØ¶¨º¯ÊýÌӱܼì²â £¬Ö´ÐÐϵͳ¿úËÅ £¬Ô¤·À¼ÓÃܹؼüϵͳÎļþ £¬²¢Ê¹ÓÃChaCha20Á÷ÃÜÂë¼ÓÃÜÎļþ ¡£Ëü»¹Åú¸ÄWindows×¢²á±íÒÔÏÔʾÀÕË÷ÒªÇó £¬²¢¿ÉÄÜʹÓÃPowerShellɾ³ý¿ÉÖ´ÐÐÎļþÒÔÌӱܷÖÎö ¡£Ö»¹ÜYmirÉÐδ³ÉÁ¢Êý¾ÝÐ¹Â¶ÍøÕ¾ £¬µ«¿¨°Í˹»ùÖÒ¸æ³Æ £¬Ëü¿ÉÄÜѸ¿ì³ÉΪһÖÖ¿í·ºµÄÍþв ¡£


https://www.bleepingcomputer.com/news/security/new-ymir-ransomware-partners-with-rustystealer-in-attacks/


5. Hot TopicµÈÈýÆ·ÅÆÊý¾Ýй¶ £¬5690ÍòÕË»§ÐÅÏ¢ÔâÆØ¹â


11ÔÂ11ÈÕ £¬¾ÝHave I Been PwnedÖÒ¸æ £¬Hot Topic¡¢Box LunchºÍTorrid¿Í»§µÄÓ×ÎÒÐÅÏ¢Ô⵽й¶ £¬Éæ¼°56904909¸öÕË»§ ¡£Ð¹Â¶ÐÅÏ¢Ô̺¬È«Ãû¡¢µç×ÓÓʼþµØÖ·¡¢µ®ÉúÈÕÆÚ¡¢µç»°ºÅÂë¡¢ÏÖʵµØÖ·¡¢²É°ìº¹ÇàÒÔ¼°²¿ÃÅÐÅÓþ¿¨Êý¾Ý ¡£2024Äê10ÔÂ21ÈÕ £¬Ò»ÃûÍþв·Ö×ÓÔÚBreachForumsÉÏÐû³Æ´ÓÕâÈý¼Ò¹«Ë¾ÇÔÈ¡ÁË3.5ÒÚÌõÓû§¼Í¼ £¬²¢ÊÔͼÒÔ2ÍòÃÀÔªÏúÊÛÊý¾Ý¿â £¬Í¬Ê±ÒªÇóHot TopicÖ§¸¶10ÍòÃÀÔªÊê½ð ¡£Hot TopicÊÇÒ»¼ÒÃÀ¹úÁãÊÛÁ¬Ëøµê £¬×¨ÃÅ´ÓÊ·´Ö÷Á÷ÎÄ»¯Óйصķþ×°¡¢ÅäÊκÍÌØÐíÒôÀÖÉÌÆ· ¡£Hot Topicδ¶Ô´ËÊÂ×÷³ö»ØÓ¦ ¡£Êý¾Ý·ÖÎö¹«Ë¾Atlas Privacy»ã±¨³Æ £¬ÏÖʵÊÜÓ°Ïì¿Í»§ÊýΪ5400Íò £¬Ô̺¬2500Íò¸öÈõÃÜÂë¼ÓÃܵÄÐÅÓþ¿¨ºÅÂë ¡£Êý¾ÝÐ¹Â¶ËÆºõ²úÉúÔÚ10ÔÂ19ÈÕ £¬Êý¾Ý¿ç¶È´Ó2011Äêµ½¸ÃÈÕÆÚ ¡£Hot TopicÒѳÉÁ¢ÍøÕ¾¹©¿Í»§²é³­ÐÅÏ¢ÊÇ·ñй¶ ¡ £¿ÉÄÜÊÜÓ°ÏìµÄ¿Í»§Ó¦¾¯ÌèÍøÂç´¹µö¹¥»÷ £¬²¢Ç×êÇ¼à¿Ø²ÆÕþÕË»§ ¡£


https://www.bleepingcomputer.com/news/security/hibp-notifies-57-million-people-of-hot-topic-data-breach/


6. ¹þÀï²®¶ÙÔâÀÕË÷Èí¼þ¹¥»÷ £¬Ëðʧ3500ÍòÃÀÔª²¢Ãæ¶ÔÊý¾Ýй¶·çÏÕ


11ÔÂ11ÈÕ £¬¹þÀï²®¶ÙÊÇÒ»¼ÒÔÚ70¸ö¹ú¶ÈÕ¼ÓÐ48000ÃûÔ±¹¤¡¢ÄêÊÕÈ볬¹ý230.2ÒÚÃÀÔªµÄÈ«ÇòÄÜÔ´ÐÐÒµ²úÆ·ºÍ·þÎñ¹©¸øÉÌ £¬ÔÚ2024Äê8ÔÂÔâ·êÁËÀÕË÷Èí¼þ¹¥»÷ ¡£Õâ´Î¹¥»÷µ¼Ö¸ù«Ë¾¹Ø¹ØITϵͳ²¢¶Ï¿ª¿Í»§ÏνÓ £¬Ôì³ÉÔ¼3500ÍòÃÀÔªµÄËðʧ ¡£¾ÝÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄÎļþÏÔʾ £¬Î´¾­ÊÚȨµÄµÚÈý·½½Ó¼ûÁËÆäϵͳ £¬¹þÀï²®¶ÙËæºó¹Ø¹ØÁ˲¿ÃÅIT»ù´¡ÉèÊ©ÒÔÓ¦¶ÔÕâÒ»·ì϶ ¡£¼¸Ììºó £¬ÀÕË÷Èí¼þÍÅ»ïRansomHub¶ÔÕâ´ÎÏ®»÷ÕÆ¹Ü £¬²¢´Ó¹«Ë¾ÍøÂçÖÐÇÔÈ¡ÁËÊý¾Ý £¬µ«¾ßÌåÐÅÏ¢ÀàÐͺÍÁìÓòÈÔÔÚµ÷²éÖÐ ¡£Ö»¹Ü¸ÃÊÂÎñ¶Ô¹þÀï²®¶ÙµÄ²ÆÕþÓ°ÏìÓÐÏÞ £¬µ«ÈôÊÇÀÕË÷ÍÅ»ïÏúÊÛ»òй¶¹þÀï²®¶Ù¿Í»§µÄÊý¾Ý £¬¸Ã¹«Ë¾¿ÉÄÜ»áÎî¶Ô˾·¨ËßËϺͶî±íµÄ²ÆÕþ³É±¾ ¡£¹þÀï²®¶Ù¹«Ë¾¶­Ê³¤¡¢×ܲüæÊ×ϯִÐйٽܷò¡¤Ã×ÀÕ°µÊ¾ £¬Ö»¹ÜÊܵ½ÍøÂ簲ȫÊÂÎñ΢·ç±©µÄÓ°Ïì £¬¹«Ë¾¶Ô×ÔÓÉÏÖ½ðÁ÷ºÍ¹É¶«ÏÖ½ð»Ø±¨µÄÕûÄêÔ¤ÆÚά³Ö²»±ä ¡£


https://www.bleepingcomputer.com/news/security/halliburton-reports-35-million-loss-after-ransomware-attack/