Irish healthcare organization HSE infected with Conti and extorted for nearly $20 million; DarkSide ransomware servers seized and group announces it will cease operations

Published 2021-05-17

1. Irish healthcare organization HSE infected with Conti and extorted for nearly $20 million


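Ireland's health service, the HSE, said it was hit by a Conti ransomware attack and was asked to pay a ransom of $19,999,000. After discovering the attack, the organization shut down all of its IT systems last Friday. The Conti gang claims to have been inside the HSE network for two weeks, during which time it stole 700 GB of unencrypted files from the HSE, including patient and employee information, contracts, financial statements and payroll records. Ireland's prime minister, Taoiseach Micheál Martin, said at a press conference on May 14 that they will not pay any ransom.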


Original link:

https://www.bleepingcomputer.com/news/security/ireland-s-health-services-hit-with-20-million-ransomware-demand/


2. Herff Jones customers' credit cards fraudulently charged, affecting US college graduates


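Cap and gown maker Herff Jones leaked customers' credit card information, affecting most US college graduates. Last Sunday, graduates from several US universities said that fraudulent transactions appeared after they used credit cards to buy graduation attire from Herff Jones. Most victims lost between $80 and $1,200, and some lost as much as $4,000. Herff Jones only learned of the credit card leak after these students complained about the fraud on social media. It is not yet clear when the leak began, but the earliest transactions date from the beginning of this month.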


Original link:

https://www.bleepingcomputer.com/news/security/herff-jones-credit-card-breach-impacts-college-students-across-the-us/


3. Hacking group FIN7 uses new Lizar backdoor in recent attacks


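The BI.ZONE cyber threat research team found that the hacking group FIN7 is using a new Lizar backdoor in its recent attacks. Since mid-2015, the Russian hacking group FIN7 has targeted the US retail, restaurant and hotel industries. In this campaign, FIN7 poses as a legitimate company selling a security analysis platform, and it has been using the new Lizar backdoor since February of this year. The malware is written using the .NET framework, runs on a remote Linux host, supports encrypted communication with the bot client, and has powerful data retrieval and lateral movement capabilities.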


Original link:

https://www.ehackingnews.com/2021/05/fin7-is-spreading-backdoor-called-lizar.html


4. DarkSide ransomware servers seized and group announces it will cease operations


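DarkSide is a ransomware-as-a-service (RaaS) gang that attacked Colonial Pipeline Co. a week ago and extorted $5 million. In a statement issued on May 13, 2021, the gang said that, because of law enforcement action, it can no longer access its public data leak site, payment servers and CDN servers over SSH, nor its hosting panels. It will therefore provide decryption tools to all companies that have not yet paid, and all outstanding debts are to be settled before May 23, 2021. The statement also said that, because of pressure from the United States, the gang will end its ransomware activity.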


Original link:

https://www.intel471.com/blog/darkside-ransomware-shut-down-revil-avaddon-cybercrime


5. ExtraHop says 67% of companies are still vulnerable to WannaCry attacks


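Cloud-native network detection and response company ExtraHop says 67% of companies are still running the insecure Windows protocol SMBv1, leaving them vulnerable to WannaCry and NotPetya attacks. The research also found that 70% of environments are still running LLMNR, a protocol that can be used to obtain hashes of user credentials; 34% of enterprises use clients running NTLMv1, although Microsoft recommends that organizations use the more secure Kerberos authentication protocol; and 81% of enterprises transmit plaintext credentials over insecure HTTP.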


Original link:

https://www.extrahop.com/company/press-releases/2021/insecure-protocols/


6. Verizon releases the 2021 Data Breach Investigations Report (DBIR)


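Verizon has released its 2021 Data Breach Investigations Report (DBIR). The report analyzed 29,207 incidents, of which 5,258 were confirmed as data breaches. It notes that phishing attacks increased by 11% and ransomware attacks by 6%, a 15-fold increase over last year; 85% of breaches involved a human element, and more than 80% of breaches were discovered by external parties; the average loss from a breach was $21,659, with 95% of incidents costing between $826 and $653,587.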


Original link:

https://www.verizon.com/business/resources/reports/dbir/2021/masters-guide/