RhysidaÀÕË÷Èí¼þÍÅ»ïÃé×¼²Ð¼²ÈË·ÇÓªÀû×éÖ¯Easterseals
Ðû²¼Ê±¼ä 2024-10-2510ÔÂ24ÈÕ£¬RhysidaÀÕË÷Èí¼þÍÅ»ï¿ËÈÕ½«Ä¿µÄתÏòÁË×ÅÃû²Ð¼²ÈË·ÇÓªÀû×éÖ¯¸´Éú½Ú·âÓ¡(Easterseals)£¬ÊÔͼÀÕË÷130ÍòÃÀÔª¡£¸Ã×é֯Ϊ²Ð¼²¶ùͯ¡¢ÍíÄêÈË¡¢ÍËÎéÎäÊ¿µÈÌṩ֧³Ö¡£¾ÝÃåÒòÖÝî¿Ïµ»ú¹¹Îļþ£¬EastersealsλÓÚÒÁÀûŵÒÁÖÝÖв¿µÄ·ÖÖ§»ú¹¹ÔÚ4ÔÂÔâÓöÁËÍøÂç¹¥»÷£¬µ¼ÖÂ14,855È˵ÄСÎÒ˽¼ÒÐÅϢй¶£¬°üÀ¨È«Ãû¡¢µØµã¡¢¼ÝʻִÕÕ¡¢Éç»áÇå¾²ºÅÂë¡¢Ò½ÁÆÐÅÏ¢µÈ¡£·¢Ã÷´ËÊÂÎñºó£¬EastersealsÁ¬Ã¦ÇжÏÍøÂç»á¼û£¬²¢Ô¼ÇëרҵÍøÂçÇå¾²¹«Ë¾¾ÙÐÐÈ¡Ö¤ÊӲ졣RhysidaÔÚÆäйÃÜÍøÕ¾ÉÏÐû²¼ÁËEastersealsµÄÐÅÏ¢£¬²¢ÒªÇóÔÚ10ÔÂ30ÈÕÇ°Ö§¸¶20±ÈÌرҡ£´ËÇ°£¬RhysidaÒѶԶà¼ÒÒ½ÁÆ»ú¹¹Ìᳫ¹¥»÷£¬°üÀ¨Ö¥¼Ó¸ç°²ÓëÂÞ²®ÌØH.¬Àï¶ùͯҽԺµÈ£¬²¢ÔÚÈ¥Äê12Ô¶ÔÌìÏ»ù¶½½Ì»áÍŽá»áÌᳫ¹¥»÷¡£
https://therecord.media/easterseals-central-illinois-data-breach
2. Cisco Talos½ÒÆÆTA866ÖØ´óÕ½ÂÔ¼°ÆäÓëWarmCookie¶ñÒâÈí¼þµÄÁªÏµ
10ÔÂ23ÈÕ£¬Cisco Talos½ÒÆÆÁËÍþвÐÐΪÕßTA866£¨ÓÖÃûAsylum Ambuscade£©µÄÖØ´óÕ½ÂÔºÍÆäÓëBadSpace¼Ò×åµÄWarmCookie¶ñÒâÈí¼þÖ®¼äµÄÁªÏµ¡£TA866×Ô2020ÄêÒÔÀ´Ò»Ö±»îÔ¾ÓÚ¾¼ÃÄ¿µÄ¶ñÒâÈí¼þÔ˶¯ºÍÌع¤Ô˶¯£¬½ÓÄɶà½×¶ÎѬȾÁ´£¬°üÀ¨¶ñÒâJavaScriptÏÂÔسÌÐò¡¢MSI°ü¡¢WasabiSeedÏÂÔØÆ÷¡¢Screenshotter¶ñÒâÈí¼þºÍAHK BotÄ£¿é»¯¶ñÒâÈí¼þ¡£WarmCookie¶ñÒâÈí¼þÓëTA866±£´æÁªÏµ£¬¹²ÏíÓÕ¶üÖ÷Ìâ¡¢»ù´¡ÉèÊ©¡¢CSharp-Streamer-RATºÍCobalt Strike×÷ΪºóÐøÔغɣ¬²¢Ê¹Óñà³ÌÌìÉúµÄSSLÖ¤Êé¡£WarmCookieͨ¹ý¶ñÒâÀ¬»øÓʼþºÍ¹ã¸æÈö²¥£¬ÌṩºóÃŹ¦Ð§¡£TA866µÄÑݱäÅú×¢×éÖ¯ÔÚ·ÀÓùÍøÂçÍþв·½ÃæÃæÁÙÖØ´óÌôÕ½£¬ÐèÒªÏàʶ×îÐÂÍþвÇ鱨²¢ÊµÑéÏȽøÇå¾²²½·¥¡£
https://hackread.com/ta866-group-warmcookie-malware-espionage-campaign/
3. Webflow³É¼ÓÃÜÇ®±Ò´¹ÂÚ¹¥»÷й¤¾ß
10ÔÂ23ÈÕ£¬Netskope Threat LabsµÄ×îÐÂÑо¿ÏÔʾ£¬Õë¶Ô¼ÓÃÜÇ®±ÒÇ®°üµÄÍøÂç´¹ÂÚ¹¥»÷ÔÚ2024Äê4ÔÂÖÁ9ÔÂʱ´ú¼¤Ôö£¬ÕâЩ¹¥»÷ʹÓÃÊ¢ÐеÄÍøÕ¾¹¹½¨Æ÷WebflowÖÆ×÷´¹ÂÚÒ³Ã棬ģÄâÕýµ±µÄ¼ÓÃÜÇ®°üÍøÕ¾£¬ÈçCoinbase¡¢MetaMaskµÈ£¬ÒÔ¼°¹«Ë¾ÍøÂçÓʼþƽ̨ºÍMicrosoft 365µÄµÇ¼½çÃæ¡£ÕâЩ¹¥»÷Ö÷ÒªÕë¶Ô±±ÃÀºÍÑÇÖ޵ĽðÈÚ·þÎñ¡¢ÒøÐкÍÊÖÒÕÐÐÒµ£¬ÒÑÓÐÁè¼Ý120¸ö×éÖ¯Êܵ½Ó°Ïì¡£Óë¹Å°å´¹ÂÚ¹¥»÷²î±ð£¬´Ë´Î¹¥»÷ÎÞÐè±àд´úÂ룬¹¥»÷Õßͨ¹ýWebflowµÄ±íµ¥¿éÍøÂçÊܺ¦ÕßµÄƾ֤£¬ÌØÊâÊǼÓÃÜÇ®°üµÄÉñÃػָ´¶ÌÓ´Ó¶øÍêÈ«¿ØÖÆÇ®°ü²¢ÇÔÈ¡×ʲú¡£ÕâЩ´¹ÂÚÒ³Ãæͨ³£Ê¹ÓÃÏÖʵǮ°üÖ÷Ò³µÄ½ØͼÖÆ×÷£¬²¢½«Õû¸öÍøҳת»»Îª¿Éµã»÷µÄͼÏñ£¬½«Êܺ¦ÕßÖض¨Ïòµ½¶ñÒâÍøÕ¾¡£±ðµÄ£¬ÕâЩÍøÂç´¹ÂÚÔ˶¯»¹³£ÓÃÓë֮ǰ¼ÓÃÜȦÌ×ÓйصÄ̸Ììƽ̨¡°tawk.to¡±¾ÙÐÐÚ²ÆÐÔÊÖÒÕÖ§³Ö¡£
https://securityonline.info/webflow-weaponized-phishing-attacks-target-crypto-wallets/
4. Change HealthcareÔâÀÕË÷Èí¼þ¹¥»÷£¬ÖÂ1ÒÚÈË¿µ½¡ÐÅϢй¶
10ÔÂ24ÈÕ£¬½ñÄê2Ô£¬Change HealthcareÔâÊÜÁËÀÕË÷Èí¼þ¹¥»÷£¬µ¼ÖÂÁè¼Ý1ÒÚÈ˵Ä˽ÈË¿µ½¡ÐÅÏ¢±»µÁ£¬ÕâÊÇÃÀ¹úÒÑÖªµÄ×î´óÒ»ÆðÒ½ÁƼͼÊý×Ö͵ÇÔ°¸Ö®Ò»£¬Ò²ÊÇÀúÊ·ÉÏ×î´óµÄÊý¾Ýй¶°¸Ö®Ò»¡£´Ë´Î¹¥»÷Ôì³ÉÁËÊýÔµÄÖÐÖ¹£¬¶ÔÃÀ¹úÒ½ÁƱ£½¡ÐÐÒµÔì³ÉÁËÆÕ±éÆÆËð¡£¹¥»÷ÓɶíÓïÀÕË÷Èí¼þºÍÚ²ÆÀÕË÷ÍÅ»ïALPHV/BlackCatËùΪ£¬ËûÃÇØʺóÈÏ¿ÉÔðÈβ¢Ç±ÌÓ£¬Í¬Ê±ÆÈ¡ÁËʵÑéºÚ¿Í¹¥»÷µÄ³Ð°üÉ̵ÄвƲú¡£¸ÃÍŻﻹÏò¸Ã¿µ½¡¿Æ¼¼¹«Ë¾µÄĸ¹«Ë¾ÍŽ῵½¡¼¯ÍÅ£¨UHG£©ÀÕË÷Á˵ڶþ±ÊÊê½ð£¬²¢ÔÚÍøÉÏÐû²¼Á˲¿·Ö±»µÁÎļþ¡£ÔÚÖ§¸¶Êê½ðºó£¬Change»ñµÃÁ˱»µÁÊý¾Ý¼¯µÄ¸±±¾£¬ÒÔʶ±ð²¢Í¨ÖªÊÜÓ°ÏìµÄСÎÒ˽¼Ò¡£ÃÀ¹úÕþ¸®ÊÔͼץ²¶¸ÃÍŻﱳºóµÄºÚ¿Í£¬µ«Î´ÄÜÀֳɡ£´Ë´Î¹¥»÷µÄÔµ¹ÊÔÓɲ¿·Ö¹é×ïÓÚÆóÒµºÏ²¢µ¼ÖµÄÔã¸âÇå¾²ÐÔ£¬ÒÔ¼°Î´ÊܶàÒòËØÉí·ÝÑéÖ¤£¨MFA£©±£»¤µÄ±»µÁƾ֤±»ÍøÂç·¸·¨·Ö×ÓʹÓá£
https://techcrunch.com/2024/10/24/unitedhealth-change-healthcare-hacked-millions-health-records-ransomware/
5. Landmark AdminÔâÍøÂç¹¥»÷£¬80ÓàÍòÈËÊý¾Ýй¶
10ÔÂ24ÈÕ£¬°ü¹ÜÖÎÀí·þÎñ¹«Ë¾ Landmark Admin ÖÒÑԳƣ¬2024Äê5ÔÂÔâÊܵÄÍøÂç¹¥»÷µ¼ÖÂÊý¾Ýй¶£¬Ó°ÏìÁËÁè¼Ý80ÍòÈË¡£Landmark Admin ×÷Ϊ´óÐÍ°ü¹Ü¹«Ë¾µÄµÚÈý·½ÖÎÀí¹«Ë¾£¬Îª¶à¼Ò°ü¹Ü¹«Ë¾Ìṩºǫ́·þÎñ¡£5ÔÂ13ÈÕ£¬¹«Ë¾¼ì²âµ½¿ÉÒÉÔ˶¯²¢Á¬Ã¦¹Ø±ÕITϵͳºÍÔ¶³Ì»á¼û£¬ÒÔ±ÜÃâ¹¥»÷À©É¢¡£ÓëµÚÈý·½ÍøÂçÇå¾²¹«Ë¾ÏàÖúºó£¬·¢Ã÷¹¥»÷ʱ´úÍþвÐÐΪÕß»á¼ûÁË°üÀ¨806,519ÈËСÎÒ˽¼ÒÐÅÏ¢µÄÎļþ£¬Éæ¼°ÐÕÃû¡¢µØµã¡¢Éç»áÇå¾²ºÅÂë¡¢½ðÈÚÕË»§ºÅÂë¡¢Ò½ÁÆÐÅÏ¢µÈÃô¸ÐÊý¾Ý¡£ÏÖÔÚ£¬Landmark ÒÑÏò¿ÉÄÜÊÜÓ°ÏìµÄСÎÒ˽¼Ò·¢ËÍ֪ͨ£¬²¢ÌáÐÑËûÃǼà¿ØÐÅÓñ¨¸æºÍÒøÐÐÕË»§¡£ÊÓ²ìÈÔÔÚ¾ÙÐÐÖУ¬ÉÐδȷ¶¨ÕâÊÇÀÕË÷Èí¼þ¹¥»÷Õվɴ¿´âµÄÊý¾Ý͵ÇÔ£¬Í¬Ê±Ò²Ã»ÓÐÍþвÐÐΪÕßÉù³Æ¶Ô´Ë´Î¹¥»÷ÈÏÕæ¡£
https://www.bleepingcomputer.com/news/security/insurance-admin-landmark-says-data-breach-impacts-800-000-people/
6. ÍŽá¹úÐÅÍлù½ðÊý¾Ý¿âÉèÖùýʧ£¬Ãô¸ÐÊý¾ÝÔâ´ó¹æģй¶
10ÔÂ24ÈÕ£¬ÍøÂçÇå¾²Ñо¿Ô±Jeremiah Fowler·¢Ã÷£¬ÍŽá¹úÏû³ý±©Á¦Ë𺦸¾Å®ÐÐΪÐÅÍлù½ðµÄÒ»¸öÊý¾Ý¿â±£´æÉèÖùýʧ£¬µ¼ÖÂÁè¼Ý115,000·ÝÃô¸ÐÎļþ±»Ð¹Â¶¡£ÕâЩÎļþ°üÀ¨Ð¡ÎÒ˽¼ÒÐÅÏ¢¡¢²ÆÎñ¼Í¼ºÍÊܺ¦ÕßÖ¤´ÊµÈÃô¸ÐÊý¾Ý£¬×ÜÈÝÁ¿µÖ´ï228GB¡£Ð¹Â¶µÄÊý¾Ý¶ÔÒþ˽ºÍÇå¾²×é³ÉÑÏÖØÍþв£¬¿ÉÄܻᱻÓÃÓÚÍøÂç´¹ÂÚ¹¥»÷¡¢Éí·Ý͵ÇÔ¡¢Ú²Æ¡¢ÀÕË÷µÈ¶ñÒâÄ¿µÄ¡£Êܺ¦Õß¡¢´ÈÉÆÊÂÇéÕߺÍÍŽá¹úÊÇÇéÖ°Ô±¿ÉÄܳÉΪĿµÄ£¬ÃæÁÙÉí·ÝÐÅÏ¢±»µÁÓá¢Ú²Æ¡¢Ú²Æ»òÀÕË÷µÈΣº¦¡£±ðµÄ£¬ÆعâµÄÄÚ²¿Îļþ»¹¿ÉÄÜÈ÷¸·¨·Ö×ÓÏàʶ×éÖ¯µÄÔË×÷·½·¨¡¢Òªº¦ÖÎÀíºÍ²ÆÎñ½á¹¹µÈÃô¸ÐÐÅÏ¢¡£ÏÖÔÚÉв»ÇåÎúËÔÚÖÎÀí¸ÃÊý¾Ý¿â£¬ÒÔ¼°Ëü̻¶Á˶೤ʱ¼ä¡£µ«ÍŽá¹ú¸¾Å®ÊðÒѾ½ÓÄÉÁËÐж¯£¬±£»¤ÁËÊý¾Ý¿â£¬²¢Ðû²¼ÁËթƾ¯±¨£¬Æð¾¢¼õÇáÓëÊý¾Ýй¶Ïà¹ØµÄΣº¦¡£ÕâÒ»ÊÂÎñ͹ÏÔÁËÇ¿ÓÐÁ¦µÄÍøÂçÇå¾²²½·¥¶Ô±£»¤Ãô¸ÐÊý¾ÝµÄÖ÷ÒªÐÔ¡£
https://hackread.com/misconfigured-un-database-gender-violence-victims-data/