΢ÈíSharePoint¸ßΣ·ì϶ÔâÔÚÒ°ÀûÓÃ
°ä²¼¹¦·ò 2026-07-067ÔÂ2ÈÕ£¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©°ä²¼´¹Î£ÖҸ棬¹¥»÷ÕßÒÑÆðÍ·»ý¼«ÀûÓÃ΢ÈíSharePointƽ̨ÖеÄÒ»¸ö¸ßΣԶ³Ì´úÂëÖ´Ðзì϶£¨±àºÅCVE-2026-45659£©¡£¸Ã·ì϶ԴÓÚ¶Ô²»ÊÜÐÅÀµÊý¾ÝµÄ·´ÐòÁл¯´¦ÖÃȱµã£¬ÔÊÐíÕ¼ÓÐ×îµÍȨÏ޵ľ¹ýÉí·ÝÑéÖ¤µÄ¹¥»÷Õߣ¬ÔÚÎÞÐèÓû§½»»¥µÄÇé¿öÏ£¬ÒԽϵ͵Ĺ¥»÷¸´ÔÓ¶ÈÔÚδ´ò²¹¶¡µÄSharePoint·þÎñÆ÷ÉÏÔ¶³ÌÖ´ÐÐËÁÒâ´úÂ롣΢ÈíÔÚ·ì϶²¼¸æÖÐÃ÷È·Ö¸³ö£¬Èκξ¹ýÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¾ù¿É´¥·¢´Ë·ì϶£¬ÎÞÐèÖÎÀíÔ±»ò¸ü¸ßȨÏÞ£¬ÇÒ¹¥»÷¿É¾ÓÉÍøÂçÔ¶³ÌÌáÒ飬ÉõÖÁͨ¹ý»¥ÁªÍøÖ±½ÓÖ´ÐУ¬·çÏÕÁìÓò¿í·º¡£Î¢ÈíÒÑÓÚ5ÔÂ21ÈÕ°ä²¼Õë¶ÔSharePoint Enterprise Server 2016¡¢SharePoint Server 2019¼°SharePoint Server¶©ÔİæµÄ°²È«¸üÐÂÒÔ½¨¸´¸ÃÎÊÌ⣬²¢ÈϿɸÃCVE±àºÅÔøÔÚ5Ô°²È«¸üÐÂÖб»Òâ±íÒÅ©¡£»¥ÁªÍø°²È«¼à¿Ø»ú¹¹ShadowserverµÄ×·×ÙÊý¾ÝÏÔʾ£¬Ä¿Ç°È«ÇòÓг¬¹ý1Íǫ̀SharePoint·þÎñÆ÷¶³öÓÚ¹«Íø£¬µ«Éв»Ã÷ÏÔÆäÖÐÓм¸¶àÒѲ¿Êð²¹¶¡»ò²ÉÈ¡»º½â´ëÊ©ÕмܳÖÐø¹¥»÷¡£
https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/
2. ¹È¸èÁªÊÖFBI³Á´´NetNut½©Ê¬ÍøÂç
7ÔÂ2ÈÕ£¬¹È¸è°ä·¢£¬ÒÑͨ¹ý¶Â½ØÓëNetNutºÅÁî½ÚÔì²Ù×÷ÓйصĹȸèÕË»§¼°·þÎñ£¬¶Ô¸ÃÈ«Çò¹æÄ£×î´óµÄסլ´úÀí½©Ê¬ÍøÂçÖ®Ò»Ôì³ÉÑϳÁ½ø¹¥¡£¾Ý¹È¸èÍþвµý±¨Ó××é¹À¼Æ£¬¸Ã½©Ê¬ÍøÂçÖÁÉÙϰȾÁËÈ«Çò200Íǫ̀¼ÒÓÃÉ豸£¬º¸ÇÖÇÄܵçÊÓ¡¢Á÷ýÌåºÐ×ӵȳ£¼û¼ÒÍ¥ÖÕ¶Ë¡£ÔÚÐж¯¹ý³ÌÖУ¬GTIG¹Û²ìµ½¶à´ï316¸ö·ÖÆçµÄÍþв¼¯Èº£¬Ô̺¬ÍøÂç·¸×OÍźͼäµý×éÖ¯£¬ÀûÓøÃÍøÂ縲¸ÇÕæÊµIPµØÖ·²¢·¢ÆðÃÜÂëÅçÈ÷µÈ¹¥»÷»î¶¯¡£Õâ´Î½áºÏÐж¯ÓɹȸèÓëFBI¡¢Lumen Technologies¼°ÆäËûºÏ×÷ͬ°éÐִͬÐС£¹È¸è°µÊ¾£¬ÒÑÏò·¨Âɲ¿ÃÅ¡¢Æ½Ì¨ÌṩÉ̼°×êÑлú¹¹¹²ÏíÁ˹ØÓÚNetNutÈí¼þ¿ª·¢¹¤¾ß°ü£¨SDK£©ºÍºó¶Ë»ù´¡ÉèÊ©µÄ¾ßÌå¼¼Êõµý±¨¡£NetNutסլ´úÀíÍøÂ磨Òà³Æ¡°Popa¡±£©Í¨¹ý½«Ïû·ÑÕß¼ÒÍ¥µÄͨ³£É豸ת»¯Îª³ö¿Ú½Úµã£¬Ê¹¹¥»÷Õß¿ÉÄܲɰìÕâЩIP×ÊÔ´À´ÒþÄä×ÔÉíÁ÷Á¿ÆðÔ´¡£ÔËÓªÉÌͨ³£½«¶ñÒâ´úÂëÖ²Èë¿´ËÆºÏ·¨µÄÀûÓ÷¨Ê½£¬»òͨ¹ýԤװ¶ñÒâÈí¼þµÄ·Ç¹Ù·½ÁªÍøÉ豸ÇÖÈë¼ÒÓÃÖÕ¶Ë£¬¶øÓû§ÍùÍùÔÚ²»ÖªÇéµÄÇé¿öÏÂÏÂÔØÁËÔ̺¬°µ²Ø´úÀí´úÂëµÄÀûÓᣳýÁËÒÔ×ÔÓÐÆ·ÅÆÏúÊÛÍøÂç½Ó¼ûȨÏÞ£¬NetNut»¹ÔËÓª×ŹæÄ£ÖØ´óµÄ¾ÏúÉÌ´òË㣬ÔÊÐíµÚÈý·½¶ÔÆäÍøÂç½øÐаױ궨Ôì¡£
https://cybernews.com/news/google-fbi-disrupt-netnut-botnet-2-million-devices/
3. ÃÀ¹ú¹¤Òµ¾ÞÍ·UPSÔâChaosÀÕË÷Èí¼þ¹¥»÷
7ÔÂ2ÈÕ£¬¹¤Òµ·þÎñ¹«Ë¾Universal Plant Services£¨UPS£©½üÈÕ±»ÁÐÈë°µÍøChaosÀÕË÷Èí¼þÍÅ»ïµÄйÃÜÍøÕ¾£¬³ÉΪ¸Ã×éÖ¯µÄ×îй¥»÷Ö¸±ê¡£Õâ¼Ò×ܲ¿Î»Óڵ¿ËÈøË¹ÖÝµÄÆóÒµÊDZ±ÃÀÐýתºÍÍù¸´Ê½É豸·þÎñÁìÓòÈ·µ±ÏÈÆóÒµ£¬ÎªÈ«ÃÀÔ¼700¼Ò¿Í»§Ìṩרҵ·þÎñ£¬ÄêÊÕÈë¸ß´ï6.15ÒÚÃÀÔª¡£¹¥»÷ÕßÐû³ÆÒÑÇÔÈ¡¸Ã¹«Ë¾´óÁ¿Ãô¸ÐÊý¾Ý£¬²¢ÒÔ´Ë×÷ΪÍþв°ä²¼¡°×îºóͨ뺡±£¬ÕâÊÇÀÕË÷Èí¼þÍÅ»ïµÄ³£¼û¼¿Á©£¬Ö¼ÔÚͨ¹ý¹«¿ªÐ¹Â¶Êܺ¦ÕßÊý¾ÝÀ´ÆÈʹÆäÖ§¸¶Êê½ð¡£¾Ý¹¥»÷Õß°ä²¼µÄÇåµ¥£¬±»ÇÔÊý¾ÝÁìÓò¼«Îª¿í·º£¬º¸ÇÁËÈ«ÃæÉó¼Æ»ã±¨¡¢Ë°ÎñÉ걨Îļþ£¨º¬ADPϵͳÊý¾Ý£©¡¢¹¤×ʵ¥ÐÅÏ¢¡¢ÒøÐÐÂòÂô¼Í¼¡¢ÏÖ½ðÖÎÀí»ã±¨µÈ²ÆÕþÖ÷ÌâÊý¾Ý£¬ÒÔ¼°Ô±¹¤µÄÉç»á°²È«ºÅÂë¡¢¼Òͥסַ¡¢µ®ÉúÈÕÆÚºÍ±£Ãܽ¡È«¼Í¼µÈ¸ß¶ÈÃô¸ÐµÄÓ×ÎÒÐÅÏ¢¡£´Ë±í£¬±»µÁÊý¾Ý»¹Ô̺¬¾ßÌå·Ö°üºÏͬ¡¢±£ÃܺÍ̸¡¢¿Í»§µµ°¸¡¢Ðí¿ÉÎļþ¡¢ÄÚ²¿»úе»ã±¨¡¢×¨ÓвɹºÊý¾Ý£¨Éæ¼°ÄÜÔ´·þÎñÆóÒµEthos Energy£©¡¢ÖÊÁ¿½ÚÔìºÍ̸ÒÔ¼°ÏîÄ¿Ìá°¸µÈÉæ¼°¹«Ë¾ÔËÓªºÍóÒ×»úÃܵĸ÷ÀàÎĵµ¡£½ØÖÁĿǰ£¬Universal Plant ServicesÉÐδ¾Í´Ëʹ«¿ª»ØÓ¦¡£
https://cybernews.com/universal-plant-services-chaos-ransomware/
4. ºÉÀ¼Avans´óѧPower BIÅäÖÃʧÎóÖÂÊý¾Ýй¶
7ÔÂ2ÈÕ£¬ºÉÀ¼AvansÀûÓÿƼ¼´óѧ½üÈÕÅû¶ÁËһ·ÑϳÁµÄÊý¾Ýй¶ÊÂÎñ£¬Éæ¼°¸ÃУÃûΪAMIGOµÄÖÎÀíµ±Ó÷¨Ê½¡£¸ÃÀûÓ÷¨Ê½»ùÓÚ΢ÈíPower BIƽ̨¹¹½¨£¬ÖØÒªÓÃÓÚÖÎÀíÔ̺¬Ñ§ÉúÈëѧÂÊ¡¢ê¡Ñ§ÂʵȽÌÓýͳ¼ÆÐÅÏ¢µÄÊý¾Ý¼¯¡£ÊÂÎñÆðÒòÓÚ2025Äê6ÔÂ30ÈÕ΢Èí¶ÔÆäÔÆ»·¾³ÖÐÖ´ÐеÄÒ»ÏîÅäÖõ÷»»£¬¸Ãµ÷»»ÎÞÒâÖÐÔÊÐíÁËδ¾ÊÚȨµÄÓû§¼ìË÷¿É×·Òäµ½¾ßÌåÓ×ÎÒµÄÃô¸ÐÊý¾Ý¡£È»¶ø£¬ÕâÒ»°²È«·ì϶ֱµ½½üÒ»ÄêºóµÄ2026Äê6ÔÂ8Èղű»¸ÃУһÃûÔ±¹¤·¢ÏÖ¡£·¢ÏÖºó£¬Avans´óѧµ±¼´²ÉÈ¡Á˲¹¾È´ëÊ©£¬²¢ÒÀÕÕºÉÀ¼Êý¾Ý±£»¤ÂÉÀýÏò¸Ã¹úÊý¾Ý±£»¤»ú¹¹Ìá½»ÁËÕýʽ»ã±¨¡£Ö»¹Ü¸ÃУÃ÷È·ÈÏ¿Éй¶µÄÐÅÏ¢ÊôÓÚÃô¸ÐÓ×ÎÒÊý¾Ý£¬µ«³öÓÚ¶ÔÊÜÓ°ÏìÕßÒþÖԵı£»¤£¬Ð£·½»Ø¾ø¹«¿ª¾ßÌåÉæ¼°ÄÄЩÀàÐ͵ÄÊý¾Ý×ֶΡ£AvansÔÚרÃÅÉèÁ¢µÄÅûÂ¶Ò³ÃæÉϰµÊ¾£¬ËùÓÐÓйص±ÊÂÈËÒÑÓÚ2026Äê6ÔÂ30ÈÕÊÕµ½Ç××ÔͶµÝµÄ֪ͨ£¬Ð£·½ÒÑÏòËûÃǾßÌå˵ÁËÈ»Éæ¼°µÄÓ×ÎÒÊý¾ÝÀàÐÍ¡£Ä¿Ç°£¬Ñ§ÌÃÒÑÆô¶¯ÄÚ²¿µ÷²é£¬°²È«×êÑÐÈËÔ±½«³Áµã̽Ë÷ΪºÎ¸Ã·ì϶´æÔÚÈç´Ë³¤¹¦·ò²Å±»·¢ÏÖ£¬½üÒ»ÄêµÄ¶³öÆÚ¶³ö³öѧÌÃÔÚÊý¾Ý¼à¿ØºÍ¹Ü¿Ø¹¤¾ß·½Ãæ´æÔÚµÄÑϳÁ²»¼°£¬×êÑÐÈËԱͬʱҲÔÚ×êÑÐÈôºÎ¸Ä½øÓйع¤¾ßÒÔÔ¤·ÀÀàËÆÊÂÎñ³ÁÑÝ¡£
https://cybernews.com/security/dutch-university-data-breach-microsoft-power-bi/
5. 2026ÊÀ½ç±³É´¹µöµö¶ü£¬¶¨ÔìÓʼþ´«²¼Voidrift²¡¶¾
7ÔÂ2ÈÕ£¬ÍøÂ簲ȫ¹«Ë¾Cofense Intelligence½üÈÕÅû¶£¬Ò»³¡ÝÓÈÆ2026ÄêFIFAÊÀ½ç±·¢Õ¹µÄ»îÔ¾ÍøÂç´¹µö»î¶¯ÔÚÈ«ÇòÁìÓòÄÚÀ©É¢£¬ÆäÖ÷ÕÅÊÇ´«²¼ÃûΪVoidriftµÄ¸´ÔÓ¶ñÒâÈí¼þ¡£¾Ý×êÑÐÈËÔ±·ÖÎö£¬¸ÃڿƻʼÓÚÒ»·â¸ß¶È¶¨Ô컯µÄµç×ÓÓʼþ£¬ÓʼþÐû³ÆÍ¨¹ýαÔìµÄÓë¹ú¼Ê×ãÁª¼°Êܺ¦Õߵص㹫˾µÄºÏ×÷¹ØÏµ£¬ÏòÔ±¹¤Ìṩ¶À¼ÒÊÀ½ç±ÁôÏëTÐô¡£ÎªÁìÈ¡Õâ¼þ¿´ËÆÓÕÈ˵ÄÀñÎÊÕ¼þÈ˱»ÒªÇóÏÂÔØÒ»·Ý×¢²á±í¸ñ£¬È»¶øÏÖʵÏÂÔØ²¢×°ÖõÄÈ´ÊÇVoidrift¶ñÒâÈí¼þ£¬¹¥»÷Õß½è´Ë»ñµÃ¶ÔÊܺ¦Õ߯óÒµÍøÂçµÄ³õʼ½Ó¼ûȨÏÞ£¬½ø¶øÇÔȡҵÎñÊý¾Ý¡¢¼à¶½¹«Ë¾»î¶¯»òÈëÇÖÃô¸ÐµÄÆóÒµÕË»§¡£Õâ´Î¹¥»÷µÄΣÏÕÐÔÔÚÓÚÆä¸ß¶ÈµÄÕë¶ÔÐÔºÍÒñ±ÎÐÔ¡£Ã¿·â´¹µöÓʼþ¾ùƾ¾ÝÊÕ¼þÈ˵ÄÐÕÃû¼°ÆäËùÊô¹«Ë¾Á¿Éí¶¨Ô죬ÉõÖÁÁ¬Ðû´«Í¼Æ¬ÖеÄTÐô¶¼Ó¡ÓжÔÓ¦¹«Ë¾µÄ±êÖ¾£¬Ê¹µÃÓʼþ¼«¾ß¹Æ»óÐÔ£¬Ô±¹¤ºÜÄѽ«ÆäÓëͨ³£µÄÓªÏúÍÆ¹ã·Ö±æ¸ôÀ´¡£¸üÁîÈËÓÇÓôµÄÊÇ£¬CofenseÈ·Èϸù¥»÷»î¶¯Òѳɹ¦ÈƹýÁËÈýÖÖ¿í·º²¿ÊðµÄ°²È«µç×ÓÓʼþÍø¹ØCisco IronPort¡¢Microsoft ATPºÍAbnormal Security£¬ÕâÒâζ×Å´«Í³µÄ×Ô¶¯»¯Óʼþ°²È«½ÚÔì´ëÊ©ÔÚÃæ¶Ô´ËÀ๥»÷ʱÆëȫʧЧ¡£
https://cybernews.com/security/hackers-fifa-world-cup-2026-football-voidrift-malware/
6. ARTokenƽ̨£ºÎ¢Èí365ÕË»§µÄÐÂÍþв
7ÔÂ3ÈÕ£¬Ë¼¿ÆTalosÍŶӽüÆÚ·¢ÏÖÁËÒ»¸öÃûΪ¡°ARToken¡±µÄÐÂÐÍÍøÂç´¹µö¼´·þÎñ£¨PhaaS£©Æ½Ì¨£¬¸Ãƽ̨ÓëÏÈǰ¼Í¼µÄEvilTokens´¹µöϵͳ¸ß¶È¹ØÁª£¬Îª°²È«×êÑÐÈËÔ±½ÒʾÁ˵±Ç°Õë¶ÔMicrosoft 365»·¾³µÄ×îÏȽø¹¥»÷¹¤¾ß°ü¡£ÔÚ¶ÔÊÂÎñÏìÓ¦»î¶¯ÖÐÉæ¼°µÄ»ù´¡ÉèÊ©½øÐÐÉî¿Ìµ÷²éʱ£¬Talos¼ø±ð³öÒ»¸ö»ùÓÚReact¹¹½¨µÄ¡°ARToken Panel¡±ÖÎÀíÃæ°å£¬Æä¶³öÁ˳¬¹ý80¸öAPI¶Ëµã£¬Í¨¹ý¶Ô¿Í»§¶ËJavaScript´úÂëµÄÄæÏò¹¤³Ì£¬×êÑÐÈËÔ±·¢ÏÖ¸ÃÆ½Ì¨µÄÖ°ÄÜÔ¶³¬Í¨Àý´¹µö·þÎñ£¬Ëü²»½ö¿ÉÄÜÇÔÈ¡Microsoft 365Éí·ÝÑéÖ¤ÁîÅÆ£¬»¹ÄÜÀûÓÃÖ÷Ë¢ÐÂÁîÅÆ£¨PRT£©³ÉÁ¢Óƾû¯½Ó¼û£¬´Ó¶øÈ«Ãæ½ÚÔìÊܺ¦ÕßµÄOutlookÓÊÏä¡¢SharePointÕ¾µãºÍOneDriveÎļþ¡£¸Ãƽ̨µÄÖ÷Ìâ¹¥»÷»úÔìÒÀ¸½ÓÚ΢ÈíµÄOAuth 2.0É豸ÊÚȨÊÚÓèÁ÷³Ì£¬¼´¡°É豸´úÂë´¹µö¡±£¬Êܺ¦Õß±»ÓÕµ¼ÔÚ΢Èí¹Ù·½µÇÂ¼Ò³ÃæÊäÈëºÏ·¨É豸´úÂ룬ʹµÃÈÏÖ¤ÁîÅÆÖ±½ÓÐû¸æ¸ø¹¥»÷Õߣ¬´Ó¶øÓÐÐ§ÈÆ¹ý¶à³ÁÉí·ÝÑéÖ¤£¨MFA£©±£»¤¡£
https://www.bleepingcomputer.com/news/security/artoken-phaas-exposes-eviltokens-microsoft-365-phishing-toolkit/


¾©¹«Íø°²±¸11010802024551ºÅ