Weekly Upgrade Bulletin - 2022-03-29
Release date: 2022-03-29
New events
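Event name: | TCP_Security_Vulnerability_Spring_Cloud_Function_SpEL_Expression_Injection_Vulnerability |
Security type: | Security vulnerability |
Event description: | Spring Cloud Function is a new project from the Spring team at Pivotal that promotes functions as the primary unit of development. The project provides a common model for deploying function-based software on a variety of platforms, including FaaS (function as a service) platforms such as Amazon AWS Lambda. Because Spring Cloud Function does not effectively validate HTTP request header data, an unauthenticated attacker can exploit this vulnerability by crafting malicious data to achieve remote code execution and ultimately obtain the highest privileges on the server. |
Update time: | 20220329 |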
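Event name: | HTTP_Security_Vulnerability_node-postgres_Code_Execution_Vulnerability[CVE-2017-16082][CNNVD-201806-553] |
Security type: | Security vulnerability |
Event description: | When node-postgres processes a postgres response packet of type RowDescription, it concatenates field names into code. Because the names are not properly escaped, a specially crafted field name can break out of the single-quote delimiters in that code, resulting in a code execution vulnerability. |
Update time: | 20220329 |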
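Event name: | TCP_Backdoor_ELF.httpdz_Connect_Server_Upload_Stolen_Information |
Security type: | Trojan/backdoor |
Event description: | Detected the ELF.httpdz backdoor connecting to a server and uploading stolen information. ELF.httpdz is a backdoor file downloaded during the CryptoSink mining campaign. Written in C++, it can download and execute content from malicious links, and collect hardware information (CPU, memory, etc.) and upload it to a C2 server. |
Update time: | 20220329 |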
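Event name: | HTTP_Security_Vulnerability_OracleAccessManager_Unauthorized_Code_Execution_Vulnerability |
Security type: | Security vulnerability |
Event description: | Detected the source IP device using the Oracle Access Manager unauthorized code execution vulnerability to attack the destination IP device. The vulnerability leads to remote code execution; an attacker who exploits it successfully can take over the target server. |
Update time: | 20220329 |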
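Event name: | TCP_Backdoor_Gh0stCringe_Connection |
Security type: | Trojan/backdoor |
Event description: | Detected the remote-control backdoor Gh0stCringe attempting to connect to a remote server; the host at the source IP may have been implanted with Gh0stCringe. Gh0stCringe is a backdoor modified from the source code of the Gh0st remote-control tool. Once running, it gives full control of the infected machine. It checks whether mainstream antivirus software is running on the infected machine and tries to obtain sensitive information, such as the title of the current foreground window and keystroke records. The backdoor's author altered the network communication format to evade detection. Gh0stCringe targets poorly secured, unmonitored database servers with weak account credentials, including Microsoft SQL and MySQL. |
Update time: | 20220329 |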
Event name: | HTTP_Injection_Attack_JACKSON-databind_2670_Remote_Code_Execution[CVE-2020-11113][CNNVD-202003-1735] |
Security type: | Security vulnerability |
Event description: | Detected the source IP using the FasterXML Jackson remote code execution vulnerability to carry out a deserialization attack against the destination IP. FasterXML Jackson is a data-processing tool for Java from the US company FasterXML; jackson-databind is its component that provides data binding. |
Update time: | 20220329 |
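Event name: | HTTP_Code_Execution_Oracle_Business_Intelligence_AMF_Deserialization_Vulnerability[CVE-2020-2950][CNNVD-202004-810] |
Security type: | Security vulnerability |
Event description: | Detected the source IP crafting malicious deserialization code to attack Oracle Business Intelligence. Oracle Business Intelligence is a portfolio of technology and applications that provides the industry's first integrated, end-to-end enterprise performance management system. |
Update time: | 20220329 |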
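Event name: | HTTP_Code_Execution_WebLogic_Deserialization_Vulnerability[CVE-2018-3252][CNNVD-201810-843] |
Security type: | Security vulnerability |
Event description: | Detected the source IP host using WebLogic to craft malicious deserialization code and execute arbitrary commands. Oracle WebLogic Server is an application server. The mod_wl module in the Apache Connector of the WebLogic application server does not correctly check user-submitted input data, so a remote attacker can exploit the vulnerability for a buffer overflow attack, which can lead to denial of service or arbitrary code execution. An attacker can trigger the vulnerability by submitting a POST request containing overlong data; carefully crafted data can lead to arbitrary instructions being executed with the application's privileges, giving control of the server. |
Update time: | 20220329 |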
Event name: | HTTP_Trojan_Win32.MOOZ.THCCABO_Mining_Trojan_Connect_C2_Server_Upload_Stolen_Information |
Security type: | Worm/virus |
Event description: | The MOOZ.THCCABO mining trojan is a mining program compiled with AutoIt that was once distributed bundled with the Zoom installer. It uses Windows Management Instrumentation (WMI queries) to collect graphics processing unit (GPU) information, and also collects details of the victim host's CPU, system, operating system version, video controller and processor. It also checks whether Microsoft SmartScreen and Windows Defender are enabled, and which antivirus solutions are running on the system. The collected information is sent with an HTTP GET request to hxxps://2no.co/1IRnc. |
Update time: | 20220329 |
Event name: | TCP_Security_Scan_MSF_Probe_postgres_Service_Version |
Security type: | Security scan |
Event description: | Detected the source IP device probing the version of the postgres service on the destination IP device. |
Update time: | 20220329 |
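Event name: | TCP_Trojan_NTMiner(Open_Source_Miner)_Connect_Server_Upload_Stolen_Information |
Security type: | Worm/virus |
Event description: | NTMiner (Open Source Miner) is GPU mining software developed in China, mainly used to mine GPU coins such as ETH. All mining kernels bundled with NTMiner are the original versions and add no extra cost for miners; it will always be open source and will never crack kernels developed by Chinese developers. Mining programs consume CPU resources and may slow down the victim host. |
Update time: | 20220329 |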
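Event name: | HTTP_Code_Execution_PandoraFMS_Remote_Code_Execution_Vulnerability[CVE-2019-20224][CNNVD-202001-324] |
Security type: | Security vulnerability |
Event description: | Detected the source IP exploiting the Pandora FMS remote code execution vulnerability. Pandora FMS is monitoring software for IT infrastructure management. It covers network devices, Windows and Unix servers, virtual infrastructure and all the different types of applications. Pandora FMS has a large number of features, making it a new-generation product that covers all the monitoring issues your organization may have. |
Update time: | 20220329 |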
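Event name: | HTTP_Code_Execution_WebSVN_Remote_Code_Execution_Vulnerability[CVE-2021-32305] |
Security type: | Security vulnerability |
Event description: | Detected the source IP attacking through the WebSVN remote code execution vulnerability. WebSVN is a web-based Subversion repository browser that can show the log of a file or folder, the list of changes to a file, and so on. |
Update time: | 20220329 |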
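Event name: | TCP_Trojan_CPUMiner_Mining_Pool_Connection_Succeeded(BTC/LTC) |
Security type: | Worm/virus |
Event description: | Detected the CPUMiner mining trojan successfully connecting to a mining pool. The host at the source IP may have been implanted with the CPUMiner trojan. CPUMiner is a malicious mining program; mining programs consume CPU resources and may slow down the victim host. |
Update time: | 20220329 |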
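Event name: | TCP_Trojan_CPUMiner_Get_Mining_Job(BTC/LTC) |
Security type: | Worm/virus |
Event description: | Detected a miner running the CPUMiner mining trojan fetching a mining job. The host at the source IP may have been implanted with the CPUMiner mining trojan. CPUMiner is a malicious mining program; mining programs consume CPU resources and may slow down the victim host. |
Update time: | 20220329 |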
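Event name: | TCP_Trojan_CPUMiner_Mining_Control_Command_Communication_Difficulty_Adjustment(BTC/LTC) |
Security type: | Worm/virus |
Event description: | Detected a mining pool directing a mining-trojan miner to adjust its mining difficulty. The host at the source IP may have been implanted with the CPUMiner mining trojan. CPUMiner is a malicious mining program; mining programs consume CPU resources and may slow down the victim host. |
Update time: | 20220329 |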
Event name: | TCP_Security_Vulnerability_Jackson_Databind_Suspicious_Deserialization_Class_dbcp2[CVE-2020-36180/CVE-2020-36182/CVE-2020-36184/CVE-2020-36185][CNNVD-202101-326/CNNVD-202101-325/CNNVD-202101-344/CNNVD-202101-337] |
Security type: | Security vulnerability |
Event description: | Jackson is a framework that can serialize Java objects to JSON strings and deserialize JSON strings to Java objects. An attacker may use the suspicious Jackson deserialization classes org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource or org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource to attack the destination IP host. |
Update time: | 20220329 |
Modified events
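Event name: | TCP_Botnet_IoT.Moobot_Connection |
Security type: | Other events |
Event description: | Detected Moobot attempting to connect to a C&C server. The source IP host may have been implanted with the Moobot botnet. Moobot is an IoT botnet whose main function is launching DDoS attacks against specified targets; it spreads through various vulnerabilities. |
Update time: | 20220329 |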
Event name: | TCP_Security_Vulnerability_Apache_Log4j2_Remote_Code_Execution_Vulnerability[CVE-2021-44228][CNNVD-202112-799] |
Security type: | Security vulnerability |
Event description: | Apache Log4j2 is a logging library for Java that supports starting a remote log server. Apache Log4j2 2.x versions before 2.15.0_rc1 contain a security vulnerability that an attacker can exploit to execute arbitrary code remotely. |
Update time: | 20220329 |