Information Security Weekly Report - Week 34, 2021

Published 2021-08-30

>Security posture overview for this week


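From 16 to 22 August 2021, 60 security vulnerabilities were recorded. The ones worth attention are the Google Chrome V8 CVE-2021-30598 type confusion code execution vulnerability; the Motorola MM1000 device configuration web server privilege escalation vulnerability; the Lenovo Smart Camera command injection vulnerability; the Apache HTTP Server forwarding authentication bypass vulnerability; and the Dell EMC PowerScale OneFS information disclosure vulnerability.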


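The network security events worth attention this week are: a hacker claims to have stolen the information of about 100 million customers of the telecom company T-Mobile; Kaspersky published its analysis report on the threat landscape for the second quarter of 2021; a security vulnerability in the Kalay cloud platform affects millions of IoT devices worldwide; the new HolesWarm uses more than 20 known vulnerabilities to distribute mining software; and Cisco discovered Neurevt, a new trojan targeting Mexican financial institutions.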


Based on the overview above, the security threat level for this week is medium.


>List of major security vulnerabilities


1. Google Chrome V8 CVE-2021-30598 type confusion code execution vulnerability


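Google Chrome V8 contains a type confusion vulnerability. A remote attacker can exploit it by submitting a specially crafted web request and enticing a user to parse it, which can crash the application or execute arbitrary code in the context of the application.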

https://www.auscert.org.au/bulletins/ESB-2021.2774


2. Motorola MM1000 device configuration web server privilege escalation vulnerability


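The Motorola MM1000 device configuration web server contains a security vulnerability. A remote attacker can exploit it by submitting a specially crafted request to escalate privileges and execute arbitrary code.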

https://motorolamentor.zendesk.com/hc/en-us/articles/1260804047750


3. Lenovo Smart Camera command injection vulnerability


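Lenovo Smart Camera contains an input validation vulnerability. A remote attacker can exploit it by submitting a specially crafted request, which allows command injection through specially crafted network settings.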

https://iknow.lenovo.com.cn/detail/dc_198417.html


4. Apache HTTP Server forwarding authentication bypass vulnerability


Apache HTTP Server contains a security vulnerability. A remote attacker can exploit it by submitting a specially crafted request that bypasses authentication and is forwarded by mod_proxy.

https://github.com/apache/


5. Dell EMC PowerScale OneFS information disclosure vulnerability


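Dell EMC PowerScale OneFS contains a security vulnerability in how it handles request methods. A remote attacker can exploit it by submitting a specially crafted request to obtain sensitive information.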

https://www.dell.com/support/kbdoc/zh-cn/000190408/dsa-2021-142-dell-powerscale-onefs-security-


>Overview of major security events


1. Hacker claims to have stolen the information of about 100 million T-Mobile customers




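The attacker claims to have breached T-Mobile's production and development servers two weeks earlier, along with an Oracle database server containing customer information. The leak covers about 106 GB of data on 100 million T-Mobile customers, including IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver's license numbers and dates of birth. The threat intelligence company Hudson Rock said the attack may have been intended to damage US infrastructure, as a strike against the United States for having kidnapped and tortured John Erin Binns (CIA Raven-1) in 2019.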


Original link:

https://www.bleepingcomputer.com/news/security/hacker-claims-to-steal-data-of-100-million-t-mobile-customers/


2. Kaspersky publishes its analysis report on the Q2 2021 threat landscape




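Kaspersky published its analysis report on the threat landscape for the second quarter of 2021. The report analyzes several targeted attack campaigns from Q2 2021, including a campaign linked to the Cycldek group, a campaign exploiting a 0-day in Desktop Window Manager in the wild, Operation TunnelSnake, the PuzzleMaker campaign, and activity linked to the Ferocious Kitten group. The report also analyzes several pieces of malware, including the ransomware JSWorm and Black Kingdom, the banking trojans Gootkit and Bizarro, malicious code in the APKPure app, and browser lockers.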


Original link:

https://securelist.com/it-threat-evolution-q2-2021/103597/


3. Security vulnerability in the Kalay cloud platform affects millions of IoT devices worldwide




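FireEye's Mandiant discovered the vulnerability in the Kalay cloud platform at the end of 2020 and worked with US CISA and ThroughTek to coordinate the disclosure plan and develop mitigations. The flaw is a device impersonation vulnerability, tracked as CVE-2021-28372, with a score of 9.6. With only the target user's Kalay unique identifier (UID), a remote attacker can exploit the flaw to take over an IoT device. The researchers said it can also be combined with vulnerabilities in the device's RPC interface to fully compromise the device. The flaw affects millions of devices worldwide that connect through ThroughTek's Kalay IoT cloud platform.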


Original link:

https://securityaffairs.co/wordpress/121226/hacking/kalay-cloud-platform-critical-flaw.html


4. New HolesWarm uses more than 20 known vulnerabilities to distribute mining software




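The new botnet HolesWarm has been active since June of this year. It uses more than 20 known vulnerabilities to compromise Windows and Linux servers and then installs mining malware. The campaign is currently concentrated in China, but according to the researchers' analysis HolesWarm is expected to widen the scope of its attacks and target systems worldwide in the coming months. The botnet's C2 server is m[.]windowsupdatesupsupport[.]org, and it exploits vulnerabilities in applications such as Docker, Jenkins, Apache Tomcat, Oracle WebLogic and Spring Boot.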


Original link:

https://therecord.media/new-holeswarm-botnet-targets-windows-and-linux-servers/


5. Cisco discovers Neurevt, a new trojan targeting Mexican financial institutions




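Cisco Talos detected the new Neurevt trojan in June 2021. The malware combines a backdoor with an information stealer and mainly targets users of Mexican financial institutions. Once the attackers have infected a target device, they can access the target system and modify its settings to hide themselves. The trojan can escalate privileges by accessing the victim's system service tokens, which gives it access to the operating system, user account information and banking website credentials; it also captures screenshots and sends them to the C2 server to steal the target's information.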


Original link:

https://blog.talosintelligence.com/2021/08/neurevt-trojan-takes-aim-at-mexican.html