ÒÔÉ«ÁÐÐÅÓþ¿¨ÏµÍ³ÔâÒÉËÆÒÁÀʺڿÍDDoS¹¥»÷

°ä²¼¹¦·ò 2024-11-13

1. ÒÔÉ«ÁÐÐÅÓþ¿¨ÏµÍ³ÔâÒÉËÆÒÁÀʺڿÍDDoS¹¥»÷


11ÔÂ10ÈÕ £¬ÒÔÉ«Áи÷µØµÄÐÅÓþ¿¨Ë¢¿¨É豸ͻ·¢¹ÊÕÏ £¬µ¼Ö³¬ÊкͼÓÓÍÕ¾µÄ¹Ë¿ÍÎÞ·¨½øÐÐÖ§¸¶ £¬³ÖÐøÔ¼Ò»Ó×ʱ¡£¾Ý¡¶Ò®Â·ÈöÀäÓʱ¨¡·±¨Â· £¬¹ÊÕÏÔ­ÒòÊDZ¾µØÖ§¸¶Íø¹Ø¹«Ë¾HypÆìϵÄCreditGuard²úÆ·Ôâ·êÁËÉ¢²¼Ê½»Ø¾ø·þÎñ£¨DDoS£©¹¥»÷ £¬¸Ã¹¥»÷ÇÖÈÅÁËÐÅÓþ¿¨ÖÕ¶ËÓëÖ§¸¶ÏµÍ³¼äµÄͨѶ £¬µ«²¢Î´µ¼ÖÂÊý¾Ýй¶¡£Hyp¹«Ë¾½²»°È˰µÊ¾ £¬¹¥»÷ÖØÒªÕë¶Ô²¿ÃÅ·þÎñ¼°Í¨Ñ¶ÌṩÉÌ £¬²¢Òѱ»Ñ¸¿ì¶ôÔì £¬·þÎñËæºó¸´Ô­¡£Ö»¹ÜÉв»Ã÷ÏÔ¹¥»÷ÕßÉí·Ý £¬µ«ÒÔÉ«ÁÐýÌåÖ¸³ö £¬Ò»¸öÓëÒÁÀÊÓйصĺڿÍ×éÖ¯Ðû³ÆÕƹÜ¡£Õâ´ÎÊÂÎñÓë10Ô·ÝÖ§¸¶¹«Ë¾ShebaÔâ·êµÄÀàËÆDDoS¹¥»÷ÀàËÆ £¬Æäʱ¹¥»÷µ¼ÖÂÖ§¸¶ÖжÏÈýÓ×ʱ¡£×Ô10ÔÂ7ÈÕ¿Ö²ÀÏ®»÷ÒÔÀ´ £¬ÒÔÉ«ÁÐÃñÓûù´¡ÉèÊ©ÒòµØÓòì¶ÜÔâ·êÁ˸ü¶àÍøÂç¹¥»÷ £¬ÖØÒªÓÉÓëÒÁÀʺÍÕæÖ÷µ³Óйصĺڿͼ¯Ìå¼°ÆäËûÕþÖζ¯»úºÚ¿ÍÌáÒé £¬²»½öÓ°ÏìÒÔÉ«Áб¾ÍÁ £¬»¹²¨¼°µØÓò±íµÄ»ù´¡ÉèÊ©¡£


https://therecord.media/cyberattack-causes-credit-card-readers-in-israel-to-malfunction


2. °¢»ôµÂµÂ¶ûº£×ÈÃÀ¹úÍøÂçÔâ¹¥»÷ £¬¶à¼Ò³ÛÃû³¬ÊÐÔËÓªÊÜÓ°Ïì


11ÔÂ13ÈÕ £¬ºÉÀ¼¹«Ë¾°¢»ôµÂµÂ¶ûº£×È £¬×÷ΪStop & Shop¡¢Hannaford¡¢Food LionºÍGiant FoodµÈÃÀ¹ú³ÛÃû³¬ÊÐÆ·ÅƵÄĸ¹«Ë¾ £¬½üÆÚÔâ·êÁËÍøÂç¹¥»÷ £¬µ¼ÖÂÆä±é²¼ÃÀ¹úµÄ2000¶à¼ÒÃŵê³öÏÖÎÊÌâ¡£¾Ý¸÷µØÐÂÎÅýÌ屨· £¬¾ÓÃñÎÞ·¨ÔÚÏßϳ¬ÊÐʵÏÖʳƷÔÓ»õÅäËͶ©µ¥ £¬²¿Ãų¬ÊÐÆ·ÅÆÍøÕ¾Ò²ÒÑÏÂÏß £¬Ö»¹ÜÉ̵êÈԿɽÓÊÜÐÅÓþ¿¨¸¶¿î²¢´¦Öò¿ÃÅÒ©Æ·¶©µ¥¡£°¢»ôµÂµÂ¶ûº£×ȹ«Ë¾ÒÑ֪ͨ·¨Âɲ¿ÃÅ £¬²¢Óë±í²¿ÍøÂ簲ȫר¼ÒºÏ×÷·¢Õ¹µ÷²é £¬Í¬Ê±²ÉÈ¡´ëÊ©ÆÀ¹À»ººÍ½âÎÊÌâ £¬Ô̺¬ÈÃһЩϵͳÀëÏßÒÔ±£»¤ËüÃÇ¡£Õâ´Î¹¥»÷Ó°ÏìÁ˹«Ë¾µÄÄ³Ð©Æ·ÅÆºÍ·þÎñ £¬Ô̺¬Ò»Ð©Ò©µêºÍµç×ÓÉÌÎñÒµÎñ¡£½ØÖÁ12ÈÕÏÂÎç £¬²¿Ãų¬ÊÐÆ·ÅÆÍøÕ¾ÒѸ´Ô­ £¬µ«HannafordµÄÍøÕ¾ÈÔ´¦ÓÚ̱»¾×´Ì¬ £¬²¢°ä²¼ÐÂÎųƸ´Ô­¹¤×÷ÔÚ½øÐÐÖÐ £¬Í¬Ê±ÌáÐѿͻ§Ò©·¿ºÍTo Go¶©µ¥Êܵ½µÄÓ°Ï졣ĿǰÉÐÎÞºÚ¿Í×éÖ¯Ðû³Æ¶ÔÕâ´Î¹¥»÷ÕÆ¹Ü £¬µ«ÁãÊÛµêºÍ³¬ÊÐʱʱ³ÉΪÀÕË÷Èí¼þÍÅ»ïºÍÍøÂç·¸×ïÍÅ»ïµÄ¹¥»÷Ö¸±ê¡£


https://therecord.media/dutch-company-stop-shop-hannaford-cyber


3. ³¯ÏʺڿÍÀûÓúϷ¨ÊðÃûÀûÓù¥»÷macOSϵͳ


11ÔÂ12ÈÕ £¬³¯ÏÊÍþвÐÐΪÕßÀûÓôøÓÐľÂíµÄ¼Çʱ¾ÀûÓ÷¨Ê½ºÍ»ùÓÚFlutter¿ò¼ÜµÄɨÀ×ÓÎÏ·¹¥»÷Apple macOSϵͳ £¬ÕâЩÀûÓúÍÓÎÏ·¾ùÓɺϷ¨µÄApple¿ª·¢ÕßIDÊðÃûºÍ¹«Ö¤ £¬Òò¶ø¿ÉÄÜÁÙʱͨ¹ýAppleµÄ°²È«²é³­ £¬ÔÚmacOSϵͳÉϲ»ÊÜÏ޶ȵØÖ´ÐС£ÕâЩÀûÓ÷¨Ê½µÄÃû³ÆÒÔ¼ÓÃÜÇ®±ÒΪÖ÷Ìâ £¬Ó볯ÏʺڿͶԽðÈÚ͵ÇÔµÄÐËÖÂÏà·û¡£¾ÝJamf Threat Labs·¢ÏÖ £¬ÕâЩ»î¶¯¿´ËÆÊÇÈÆ¹ýmacOS°²È«»úÔìµÄ³¢ÊÔ £¬¶ø·Ç³ÉÊìÐж¯¡£´Ó2024Äê11ÔÂÆðÍ· £¬JamfÔÚVirusTotalÉÏ·¢ÏÖ¶à¸ö¿´ËÆÎÞº¦È´Ïνӵ½³¯ÏÊ·þÎñÆ÷µÄÀûÓ÷¨Ê½¡£ÕâЩÀûÓ÷¨Ê½Ê¹ÓÃFlutter¿ò¼Ü¹¹½¨ £¬Îª¶ñÒâÈí¼þ×÷ÕßÌṩÁ˶àÖ°ÄÜÐÔÇÒ¸üÄѼì²â¡£Jamf»¹·¢ÏÖÁù¸ö¶ñÒâÀûÓ÷¨Ê½ÖÐÓÐÎå¸öÒÑÊðÃû²¢¹«Ö¤ £¬ÇÒ´æÔÚ»ùÓÚGolangºÍPythonµÄ±äÌ塣ƻ¹û¹«Ë¾Òѳ·ÏúÕâЩÀûÓ÷¨Ê½µÄÊðÃû £¬µ«Éв»Ã÷ÏÔËüÃÇÊÇ·ñÔøÔÚÏÖʵ²Ù×÷ÖÐʹÓùý £¬»¹ÊǽöÓÃÓÚ²âÊÔÆÀ¹ÀÈÆ¹ý°²È«Èí¼þµÄ¼¼Êõ¡£


https://www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/


4. GoIssue£ºÐÂÐÍGitHubÍøÂç´¹µö¹¤¾ßÒý·¢°²È«¾¯±¨


11ÔÂ12ÈÕ £¬SlashNextÍøÂ簲ȫ×êÑÐÈËÔ±·¢ÏÖÁËÒ»ÖÖÃûΪGoIssueµÄÐÂÐ͸´ÔÓÍøÂç´¹µö¹¤¾ß £¬¸Ã¹¤¾ß¿ÉÄÜÓëGitLokerÀÕË÷»î¶¯ÓйØ £¬×¨ÃÅÕë¶ÔGitHubÓû§¡£GoIssueÄÜ´Ó¹«¹²GitHubÓ×ÎÒ×ʲÂÖÐÏµÍ³ÍøÂçµç×ÓÓʼþµØÖ· £¬²¢ÀûÓÃÕâЩÐÅÏ¢ÌáÒé´ó¹æÄ£¡¢ÓÐÕë¶ÔÐÔµÄÍøÂç´¹µö¹¥»÷¡£¶¨Ôì°æ±¾ºÍÆëȫԴ´úÂëµÄ½Ó¼û±ðÀëÊÛ¼Û700ÃÀÔªºÍ3000ÃÀÔª¡£³É¹¦µÄ¹¥»÷¿ÉÄܵ¼ÖÂÔ´´úÂë±»µÁ¡¢¹©¸øÁ´±»¹¥»÷ÒÔ¼°ÆóÒµÍøÂç±»ÈëÇÖ¡£¾ÝSlashNext±¨Â· £¬GitLokerÍŶӳÉÔ±CyberluffyÓëGoIssueÓйØ £¬ÕâÅú×¢Á½ÖÖ¹¤¾ß¿ÉÄÜ´æÔÚ¹ØÁª¡£GitHubÓû§Ó¦Ñ¡È¡×î¼ÑÔÚÏß°²È«Êµ¼Ê £¬ÈçÇ¿ÃÜÂ롢˫³É·ÖÉí·ÝÑéÖ¤¡¢¾¯ÌèÍøÂç´¹µöÓʼþºÍ¶¨ÆÚ²é³­OAuthÀûÓÃȨÏÞ £¬ÒÔ±£»¤×Ô¼ººÍ×éÖ¯ÃâÊÜDZÔÚÇÖº¦¡£Sectigo¸ß¼¶×êÑÐÔ±Jason SorokoÖ¸³ö £¬GoIssue²»½ö¶ÔGitHub×é³É³Á´óÍþв £¬Ò²¶ÔÆäËû¿ª·¢Õ߯½Ì¨×é³É·çÏÕ £¬¿ª·¢Õ߯½Ì¨ÒѳÉΪ¸ß·çÏÕµÄÕ½³¡ £¬±ØÒª¼±¾ç·¢Õ¹°²È«·ÀÓùÀ´Ó¦¶ÔÕâÖÔìձ鴿ÔÚµÄÍþв¡£


https://hackread.com/gitloker-goissue-tool-targets-github-phishing-users/


5. Form I-9 ComplianceÊý¾Ýй¶ӰÏìÈËÊýÔ¶³¬Ô¤ÆÚ


11ÔÂ12ÈÕ £¬Ô±¹¤×ʸñÑéÖ¤½â¾ö¹æ»®ÌṩÉÌForm I-9 ComplianceÔâ·êÁËÊý¾Ýй¶ÊÂÎñ £¬ÆäÓ°ÏìÖð²½À©´ó £¬Ô¶³¬×î³õÔ¤ÆÚ¡£¸Ã¹«Ë¾Ð­Öú¿Í»§Ìîдµ±¾ÖÒªÇóµÄI-9±í¸ñÎļþ £¬ÓÃÓÚÑéÖ¤ÔÚÃÀ¹úÊܹÍÓ×ÎÒµÄÉí·ÝºÍ¹¤×÷Ðí¿É¡£½ñÄê2Ô³õ £¬ÓÐÈËδ¾­ÊÚȨ½Ó¼ûÁËÆäÍøÂç £¬4ÔÂ12ÈÕÕâÒ»ÈëÇÖÐÐΪ±»·¢ÏÖ £¬Ëæºó¹«Ë¾¹Ø¹ØÁËһЩϵͳ×÷ΪÏìÓ¦´ëÊ©¡£×î³õ £¬¹«Ë¾Í¨ÖªÃåÒòÖÝ×ܼì²ì³¤°ì¹«ÊÒ³ÆÊÜÓ°ÏìµÄÈËÊýԼΪ27,000ÈË £¬µ«ËæºóÔÚ10Ô·Ýй©ÊÜÓ°ÏìÈËÊýÒÑÔö³¤ÖÁ½ü97,000ÈË¡£¶ø×î½ü¼¸Ìì¸üеÄÊý¾ÝÏÔʾ £¬ÏÖʵÊÜÓ°ÏìµÄÈËÊýÒѳ¬¹ý193,000ÈË¡£Ð¹Â¶µÄÐÅÏ¢Ô̺¬ÐÕÃûºÍÉç»á±£ÏպŠ£¬ÊÜÓ°ÏìµÄÓ×ÎÒ½«»ñµÃÃâ·ÑµÄÉí·Ý͵ÇÔ±£»¤ºÍÐÅÓþ¼à¿Ø·þÎñ¡£Ä¿Ç°Éв»Ã÷ÏÔÕâ´ÎÊý¾Ýй¶ÊÇ·ñÉæ¼°ÀÕË÷Èí¼þ¹¥»÷ £¬Ò²Ã»ÓÐÒÑÖªµÄÀÕË÷Èí¼þ×éÖ¯ÈϿɶÔÕâ´ÎÈëÇÖÕÆ¹Ü¡£


https://www.securityweek.com/form-i-9-compliance-data-breach-impacts-over-190000-people/


6. Microsoft Exchange Õë¶ÔÀÄÓúýŪ·ì϶µÄµç×ÓÓʼþÔö³¤ÖÒ¸æ


11ÔÂ12ÈÕ £¬Î¢ÈíÅû¶ÁËÒ»¸ö¸ßÑϳÁÐÔµÄExchange Server·ì϶£¨CVE-2024-49040£© £¬¸Ã·ì϶ÓÉSolidlab°²È«×êÑÐÔ±Vsevolod Kokorin·¢ÏÖ £¬Ó°ÏìExchange Server 2016ºÍ2019°æ±¾¡£¸Ã·ì϶ÔÊÐí¹¥»÷ÕßαÔì´«Èëµç×ÓÓʼþµÄºÏ·¨·¢¼þÈË £¬Ìá¸ß¶ñÒâÐÂÎŵÄÓÐЧÐÔ¡£ÎÊÌâÔ´ÓÚSMTP·þÎñÆ÷¶ÔÊÕ¼þÈ˵ØÖ·µÄ½âÎö²î¾àÒÔ¼°µç×ÓÓʼþÌṩÉÌÔÊÐíʹÓò»ÇкÏRFC³ß¶ÈµÄ·ûºÅ¡£Î¢ÈíÔÚ±¾Ô²¹¶¡ÐÇÆÚ¶þ°ä²¼Á˸üР£¬Ôö³¤·ì϶¼ì²âºÍÖÒ¸æºá·ù £¬¹ÌÈ»ÉÐ佨²¹¸Ã·ì϶ £¬µ«Exchange·þÎñÆ÷´Ë¿Ì½«¼ì²â¶ñÒâµç×ÓÓʼþ²¢Ôö³¤ÖҸ档ÖÎÀíÔ±ÆôÓÃĬÈϰ²È«ÉèÖúó £¬ÏµÍ³½«Ä¬ÈÏÆôÓ÷ì϶¼ì²âºÍµç×ÓÓʼþÖÒ¸æ £¬²¢ÔÚ¼ì²âµ½µÄ¿ÉÒɵç×ÓÓʼþÖÐÔö³¤ÖÒ¸æ £¬ÌáÐÑÓû§²»ÒªÏàÐÅδ¾­ÑéÖ¤µÄÐÅÏ¢¡¢Á´½Ó»ò¸½¼þ¡£Î¢Èí½¨ÒéÓû§Î¬³Ö¸ÃÖ°ÄÜÆôÓà £¬ÒÔÔ¤·ÀÍøÂç´¹µö¹¥»÷¡£


https://www.bleepingcomputer.com/news/security/unpatched-microsoft-exchange-server-flaw-enables-spoofing-attacks/